w2k4eva

Well, I finally solved it. Turns out there are TWO settings that needed to be enabled but the error message only mentioned one of them (userdata persistence). The other one is on the same property sheet - "Internet Options" -> Security tab -> Trusted Zone (assuming you have put the MS update website addresses in that zone), click Custom Level. Scroll to the section for ActiveX controls & plugins, find the one for "Binary & script behaviors", click Enable, then OK. Didn't even need to restart IE, just revisit the page and now it loads correctly.

Oh, it looks like there's a few things I didn't get before... By "boot drive", do you mean C: and is that where you have the dualbooted W98 install - and did you say your W2K is on D: ? Sounds like a REALLY bad installer if it hardcodes drive letters even when the OS is installed on some other partition! The main problem may be about simply running out of space - 36MB just isn't enough for really, anything! Any possibility of clearing out more space? One biggie could be to NOT allow swap to use that partition, instead redirect it to some other partition with more space available. Sometimes this can free up as much as 3GB. Also perhaps move "temp" and/or "tmp" as well (both for your own username and for system, they are generally different), this can be a pretty large amount of space consumed... and, yeah, clean them out first! A tool like CCleaner - or even just Disk Cleanup that is packaged with Windows - might help here. Of course you'll need to be sure there is plenty of space on whatever partitions you redirect these items to. My personal method is after the above are moved, to also move "My Documents" to somewhere else than where the OS is installed since this one folder invariably dwarfs the entire combined other contents of that partition. And yes, even W98SE lets you move those items, at least if you have another FAT32 (or FAT16) partition to move them to. I'm a little confused now - are you installing the Intel drivers? I thought you said it was a DLink adapter? I wouldn't expect the drivers to be interchangeable if the underlying chips don't match. Hmm, that sounds like the service component is the only thing left, so that must be what is hosing the works. The only other thing I can think of to try would be, after install and turning off the startup folder stuff and the startup entries, to also disable the service. Start->Run, type "services.msc" without quotes, and press Enter. Then scroll through the list looking for whatever just got installed, right click it and choose Properties. On the General tab, set the Startup type to Disabled. If that lets you boot, it would confirm that it is the service that is the problem. You could then try re-enabling the other items to see if you can still boot properly without the service. But since the service will be needed to actually use the device, I'm not sure how useful this information will be unless someone else can find more clues. They might, the only way to know is to try them. What router(s) are you using? If it is not a DLink there may also be other clients to try. If the card really is supported under W2K then UURollup shouldn't be needed for this. As for defeating the purpose, there may be another path - have you got a driver for plain old wired ethernet? That might let you DL the rest of the drivers. The other question is whether this whole sequence is backwards. It would be MUCH safer to use some other system to do those downloads, then copy the files onto a CD, DVD, or USB stick, then to the target system. I would NEVER connect a new (or even old!) build to the internet until after drivers are installed, things are updated, and a good firewall is installed and properly configured. If you have not got all your drivers in order that could be part of your problem. Especially important would be motherboard chipset drivers, and anything related to USB. There are also a bunch of USB related updates for W2K that might be needed. I'm not sure from your post whether you are using ONLY the SP4 and official UR1 packages from MS, or something else like the Gurgelmeyer package (which installs only MS files. It includes SP4, UR1, plus hundreds of other updates). If you haven't somehow included them already you may need to add KB843503, KB838417 and/or others. KB890188 - ignore the title, what matters is that it replaces Wzcsvc.dll, Wzcdlg.dll, Wzcsapi.dll, and Wzcsetup.exe KB904711 may be relevant as it replaces winlogon.exe Did you used to use it on this system, or was it on a different one? What motherboard is this? Does it use one of those older VIA-based USB controllers that MS refused to support? If so you may need to disable that and use an adapter card in a PCI slot to have working USB. Maybe previously the drivers and updates were squared away first? It's a bit hit-or-miss, but sometimes people give them away on either freecycle or craigslist free stuff (pick a location, then under "for sale", click "free"), if you have the patience to watch and wait for something to turn up.

This isn't needed. MS does (somewhat - sometimes there are errors) give the bulletin number and supercedence info. Do the search, then simply click on any of those results. The popup window has 4 tabs. The Overview tab will have the "MSRC Number" (at least if there is one) and the Package Details tab will have the replacement info (if any).

My how time flies...my favorite browser addon is now more than 10 years old. Noscript goes a long way toward solving this. Having found it so long ago I simply refuse to surf without it. Makes it possible for even a 16 year old laptop running W98SE with only 256MB RAM to surf comfortably on modern webpages once the bloatware is removed from them. Might also work for PaleMoon but IE users are outta luck. It can also be helpful to supplement this with RequestPolicyContinued. I am using 0.5.29 (the last non-beta version) which works in SeaMonkey and older FireFox and maybe also PaleMoon. But it will have issues with FF versions after 40 when Mozilla starts to enforce the walled garden/jail. In line with this they have (prematurely) pulled 0.5.29 from the addons site, but it can still be had at requestpolicy-0.5.29.xpi Pages definitely load faster with these extensions installed than without either. How much faster varies by site and depends on how much bloat you choose to allow, which is easily adjusted on the fly. A nice side bonus is that those annoying flashcookies and whatnot don't need to do their tracking thing, and malware has a harder time creeping in.

MS is not very consistent or helpful in noting supercedence on these. Here's what compares to my own rather incomplete notes. I do need to eventually get those more up to date so there probably are more replacements beyond these. The first entry KB2656353 listed as "MS12-035" is actually MS11-100 as correctly noted in the second list, it is obsolete but ended up in both lists. I'm not clear that MS10-041 KB979906 is required anymore once XP SP3 is installed. I've never had Windows Update offer this unless SP3 is missing. This could also be down to my habit of also installing KB979904 at that point. MS11-044 KB2518864 is replaced by MS12-035 KB2604092, it also ended up in both lists. MS14-009 KB2898856 is replaced by MS14-053 KB2972214. MS13-004 KB2756918 is replaced by MS14-053 KB2973115. MS14-009 KB2898855 is replaced by MS14-053 KB2972215. MS14-009 KB2901110 is replaced by SA2905247 KB2894842. Missing items: I have KB976576 and KB977354 as a combined substitute for KB982524. SA2905247 KB2894845 .NET 1.1 SP1 update MS12-074 KB2729450 .NET 2.0 SP2 update KB2789643 v2 .NET 2.0 SP2 update KB958481 .NET Framework 3.5 Family update for XP - Application Compatibility Update for the .NET Framework 2.0 Service Pack 2 SA2905247 KB2894843 .NET 2.0 SP2 update (this is not replaced by ms14-009 kb2901111 despite being older chronologically) SA2905247 KB2894842 .NET 4 update There's also the whole bunch for .NET 1.0 - if anyone is using Tablet Edition these are required, the .NET 1.1 will NOT substitute in this case. I think the same may also be true for Media Center Edition but haven't actually used that myself. There are of course MANY more .NET updates issued from May 2014 onward that apply to XP without any modification. They did not stop with XP EOL - had you really meant to skip them for some reason?

A little googling shows you aren't the only one having issues with this card. Maybe try to divide and conquer. Can you separate the driver installation from the client manager portion? I'd try using the latest driver loaded by navigating to the INF file but not installing the client yet, see if that much can reboot. If so, then try the full install, but before rebooting, adjust your startup entries to not autoload the client at boot, see if the error persists, or if not can you launch the client manually when needed rather than every boot no matter what. Another alternative would be use the latest drivers but a different client. There are a couple threads that have links to some potential targets: http://www.msfn.org/board/topic/173922-need-a-wireless-client-for-windows-2000/ http://www.msfn.org/board/topic/144280-wpa-client-software/ In particular, the Buffalo client can work with other cards provided it is connecting to a Buffalo router. Maybe try one from the manufacturer of your router and see if they are similarly tolerant of other makers' cards? I guess if it is a DLink router that puts you back where you started... One thing to note, in post #21, so you may have to turn off the WPA2 option in the router if your card is uncooperative.

But there IS such an option - you just have to add each one to the exceptions list.

Actually it is the "net stop cisvc" that turns it off - the regkey sets the service startup type to "disabled" so it will not restart at next boot. Not sure about adding it to winnt.sif but a simpler way might be to add the key at T-12 via cmdlines.txt as described at http://unattended.msfn.org/unattended.xp/view/web/14/ - they even show an example of using a *.reg file there (which is a handy thing to have - you can just add more keys/tweaks all in one convenient place without mucking around in winnt.sif at all). Oh, almost forgot - are you using HFSLIP? If so you can toss that same *.reg file into the HFSVCPACK folder, where it will be run at T-13 and not bother with $OEM$ or cmdlines.txt either.

You do not need NLite for this, I've actually never used it. HFSLIP works for adding SATA drivers to W2K or XP install CDs, at least for US English. I haven't tried Czech so don't know of any special issues there but lots of people have used HFSLIP for this in other non-english languages generally. Might the missing file complaint have been about 4 files OEMBIOS.DAT, .SIG, .CAT, .BIN? If these were not right that could cause issues with license keys if the source CD was OEM. But this is a separate issue than SATA drivers. Nor do you need the FDV fileset if you don't otherwise want it, though Fred Vorck's guide was rather informative and helpful for me. And yes, his general outline works with drivers having more than one file too. Other interesting threads: http://www.msfn.org/board/topic/84572-integrating-sata-and-raid-drivers-with-hfslip/ http://www.msfn.org/board/topic/63302-integrating-drivers-with-hfslip/ I think the latest version of HFSLIP is likely to be on thomasz86' site: http://windows2000.tk/new/ I think it was Vista and up that finally allowed media other than floppies. For XP and W2K Microsoft hardcoded their install images as floppies ONLY, which is why this was so problematic - the need for SATA drivers came out around the time that system box manufacturers were doing away with floppies so people had no way to add drivers, precisely on the only systems that needed them. This is THE issue that made many people learn about slipstreaming.

No, I don't suggest NVidia, those drivers have earned a special mention in my book. They are the ONLY ones I have EVER found to be so horribly bad that the even older ones packaged on the Microsoft OS install CDs actually work better! I know Catalyst 6.x (most of the files are version 6.14.10.x according to Windows driver details) runs on W2k since I have that running. I think I found it on an install CD that came with an older video card. It does want you to have .NET 2.0 and DirectX 9.0c installed first. The vendor for that card seems to think W2k also works with 7.2 (but I haven't tried that), see http://www.powercolor.com/us/support_driver.asp?byclass=1&PSeries=7&PModel=30 - you might be able to get the CCC out of that package. AMD seems to think CCC ver 8 can run on W2k, at least for some versions of some video cards, see http://support.amd.com/en-us/download/archive/firemv-2k They also have an old DL page for CCC 6.4 at http://support.amd.com/en-us/download/archive/integrated-2k There are more older versions at http://www.oldapps.com/ati.php. But the bigger question might be whether these older drivers will work with newer cards - is this intended for the Radeon R7 260x mentioned in your other thread? Not sure whether http://web.archive.org/web/20141014074132/http://benchmark3d.com/mod-catalyst-driver-to-add-supported-cards might be any help - I haven't tried this either.

I just noticed something, the WEPOS updates MS15-057 KB 3033890 and MS15-069 KB3067903 will install as-is, no modifications needed, in plain XP. For some reason these do not have the same blocking code MS puts into most of the other updates. Maybe that will continue to hold true for future MediaPlayer updates?

I wonder if this is a store-specific thing? I looked yesterday and they did have the Sandisk 16GB sticks, but the price was $6.97 at my local store. Anybody know if it would be worth trying multiple stores? Or how long the sale is supposed to be on for? I too have the no-USB3-systems problem... Amazon has changed their price yet again, now they are $5.98...

Actually there IS a one to one correspondence, it's just that we aren't sure what it is - two extra for LogMeInRemoteUser, and three extra for _ocster_1clk_backup_ makes the five. The *.bak entries in your previous registry snip have cleared themselves up, consistent with the temp profiles going away for LocalService and NetworkService. The ones you have now are different profiles that weren't described in the previous posting. Were they present then even if they were part of the stuff you hadn't posted? And no, I don't really care to see them now. You said you have a user profile for LogMeInRemoteUser, so presumably that folder exists. Do the folders for profiles LogMeInRemoteUser.DELLOPTIPLEX755 and LogMeInRemoteUser.DELLOPTIPLEX755.000 also exist? And presumably the profile folder _ocster_1clk_backup_ exists for those four profiles to share? These seem similar to the earlier screenshots. It wasn't clear from your earlier comments that the Account Unknowns were not for the LocalService and NetworkService accounts. It does seem you have several extra SIDs rather than just multiple backup versions of the same SIDs as described in KB947215 method 1. At the same time I'm not clear whether method 3 applies if the folders indicated do actually exist. I don't know anything about your backup aopplication or if it might be related to the _ocster_1clk_backup_ profiles, nor why there are several that point to the same set of folders. Does the backup app work normally since the problematic update and system restores? Have you even used it since then? Maybe ask about this in one of their forums? The LogMeInRemoteUser ones are not just multiple SIDs but also different (though related-looking) folder names. Have you used this app since those updates, and/or the system restore? Again, their forums might be worth a visit. Not sure what else to say, these other profile questions are at the end of what I know related to that update, and I can't even investigate anything similar on my own system since the cacls fix worked for me.

Gosh, I wonder if this means system restore does something to file/folder/regkey owners or permissions? Just curious, on the machines that did not have this issue, by any chance were the drives formatted as FAT32 rather than NTFS? Or were the profiles not owned by the Administrators group? The date modified is updated since the services now have access to their profiles again, which is why the temp profile folders cleared up. I'm guessing the code that does this cleanup may not have cleaned up the regkeys described in KB947215. The regkeys normally would have a value ProfileImagePath that points to the location on disk for the profiles. The snip you posted had these pointing to the no-longer-existing folders before, do they still point there? Do the regkeys still look like the snip you posted earlier? Also do the file/folder owners and permissions look the same as before? @bluebolt - You didn't say whether you had looked at any file or folder ownership or permissions, or at the regkeys glnz posted, but if you had looked before your system restore - have they changed since then?

Yup, Sumatra is lighter than Foxit, the only drawback is not filling in pdf forms. Current version can be had from http://www.sumatrapdfreader.org/free-pdf-reader.html Older versions at http://www.sumatrapdfreader.org/download-prev.html, alternate builds at http://www.zeniko.ch/#SumatraPDF for W2k supposedly either 1.6 or 2.1.1 was the last for W2k but some people say 2.4 works even though no longer officially supported, both will need gdiplus (kb915052) installed

Okay, so whatever it was must have been after 4/8/2015 10:57:43 but before your next boot (not visible in the eventlog screenshots). From your next post it looks like you are headed in that direction already. Did you install anything or do any updates during that time window? Change any file or folder permissions? Change any registry keys/permissions? Yes, he does say they are Dells. My own formerly problematic box is a vpr matrix, this brand was formerly owned by Best Buy, who has since gotten out of the OEM business. I have no way of knowing whether vpr matrix may have bought their factory install image either from Dell or from whatever place Dell got theirs from. But it isn't yet clear that my box had the same situation as glnz does, or that yours exactly matches either his or mine; the eventlog entries have a wide variety of possible causes. I do sometimes get those eventID 1904's. They always seem to come in pairs (as yours do), whenever I open some sort of help file. I've forgotten if it was the *.hlp format vs the *.chm format that does it, or if both do. It looks like you opened three helpfiles (or pages within a helpfile?) within a few minutes of each other. I used to get them before applying the KB3021674 update, and continue to have them after my cacls fix, so I don't think they are related. Should be an easy enough thing to test, first look at the eventlogs on the non-Dells, see if they have these entries, or if opening help files (of either format) causes them. Then see if there are more of them at other times on any of the Dells. Eventually try opening a help file on one of the Dells that still has the eventID 1511 entries, to see if the 1904 shows up. Then reboot and see if the 1511 etc persist. If that test doesn't resolve it, you'll need to look a little farther for whatever may be different. At least most of yours are Pro rather than Home, which makes checking permissions a little easier.

Yes, if you download the W2k3 version of that update, it will install as-is on XP, and you are correct that the updates about root certs are important. Unfortunately MS has put blocking code into the time zone updates issued post-EOL. So this leaves you with three choices if you want them. 1) Look through the KB articles to find what was added, then adjust your time zones manually. Or copy the relevant registry entries, possibly from a newer machine that has the update installed... rather a pain. 2) Use the POSReady registry hack, then get the POSReady version of the update either from Windows Update or the Update Catalog. But be aware that this path is something of a one-way street - once the reghack is applied, you probably won't be able to reverse it from within Windows, you would need an offline registry editor. 3) Modify the updates to work on plain XP. This is the path I am using. Instructions can be found at http://www.ryanvm.net/forum/viewtopic.php?p=115464#115464 . I generally start from the WEPOS version rather than the W2K3 ones, although for timezone updates that are basically just regkeys the difference may not matter. Do be aware that the resulting update won't have the usual sanity checks about versions etc so you must be selective about finding a suitable source file and how it is applied - you wouldn't want to have an IE7 update applied to a system that has either IE6 or IE8, for example.

Check out post #28 over there, the link to download ClientMgr3 may be what you need. I own an old Buffalo card and the CD that came with it includes a slightly older version, ClientMgr2, with versions for W98/98se, WMe, W2k, and XP on the old CD. I haven't tried it on W2k since the laptop I use that card for only runs W98SE but I know it does work there. The interface is kinda hokey by modern standards, but even the older ClientMgr2 does WPA and I don't remember ever seeing a complaint about a too-short key (although I haven't really tried to use a short key either). If you want the entire CD, manuals etc they can be had at http://www.buffalotech.com/products/wireless/wireless-g-125-high-speed/wireless-g-125-high-speed-notebook-adapter

Hard to say without knowing a few more details... like how often you rebooted that machine back then? Are you saying you do not have any more of those eventlog entries after those ones on 4/8? Which is odd since Patch Tuesday for April wasn't until 4/14.... or did you not reboot between 4/8 and the next time you applied updates? And which ones did you apply and when? I know that the February and March patches didn't fix it since I did apply those on 3/22 and continued to have the eventlog entries until 5/26. Based on release dates, they might be KB3050995 (rvkroots.exe released 25 Mar) or KB3049874 (timezones released 27 Mar), but these normally wouldn't be expected to change profile permissions, and the other stuff released before 4/14 was not for XP. While I did eventually apply these updates on 5/30, it wasn't until after I had already done my "cacls" fix on 5/26 so I can't say whether they would have fixed the issue.

Actually the .000 profiles etc are not separate from the topic, they are a direct result of applying POSReady update KB3021674. That said, if dencorso wants to split them off, perhaps leave one post as a placeholder with an explanation of the problem and a link to where they split off to? If he has bad sectors then there are larger problems that won't be solved by just merging profiles!

Well, you had the answer in post #423 : Were you ever able to verify if this worked? What he said. Not that I was able to find, nor any reference to one either. But since I saw 3 of the 4 listed eventIDs on my system it does seem relevant. It looks like you have the same issue with LocalService and NetworkService as KB947215 illustrates for a "user" account (regkeys w/ ".bak", and RefCount nonzero) that we suspected based on the eventlog entries. But let's not edit the registry just yet... Your screenshots covered it for the profile folders. (I'm guessing the ones for TEMP.NT AUTHORITY will resemble the ones for NetworkService, since the TEMP.NT AUTHORITY.000 seems to mirror LocalService as suggested by the regfile snip. This leaves the TEMP one that I'm not sure how it pairs up). It looks like the permissions on the top level folder for these 3 profiles is okay. There may still be a problem with permissions on one of the child folders/files. In my case I took the sledgehammer approach and reset permissions for these plus all children; if you want to you could try to narrow it down to more specific folders/files. But even that is not the place to start - the beginning really needs to be, first get the backup solution to where you know you can restore things if needed. Second, I'm assuming that you have the same situation on both your "main" machine and your older "test" machine, not sure which one the registry and screenshots came from, but I assume they both match? And of course, any tinkering would start on the "test" machine... After those two are settled, then for each profile you might look at the properties of file NTUSER.DAT in that top level folder - on the General tab, be sure the read-only flag is cleared, and look at the permissions on the security tab. The next likely suspect would be the file UsrClass.Dat in each profile's LocalSettings\ApplicationData\Microsoft\Windows folder, and/or each folder between here and the main profile folder. After that there is the corresponding log fie for each of these registry hives. As you can imagine, there's quite a few potential targets, which is why I took the sledgehammer method for my case. The good news is that unlike most users, the LocalService and NetworkService don't need a lot of "personalization" so substituting the new profile from the default works okay as long as that default profile doesn't get corrupted. This is why there don't seem to be symptoms other than the event log entries.

Maybe the better question is whether you even want to install .NET at all! When I clean up an older machine this is one of the items I try to get rid of if it is not absolutely required - and the fact that "it is there now" does not count in my book as a reason to consider it "essential". You don't mention which version of XP you are installing this time vs last time or if you are attempting a version conversion. While Tablet Edition would require .NET 1.0, and I think Media Center edition does too (not sure if that can have .NET 1.1 substituted - TabletEdition cannot), it is not needed for either Home or Pro. While some video cards - usually ATI based - do use .NET 2.0 as part of their driver install, the Inspiron 1300 uses integrated intel graphics, so this shouldn't apply to your case. Some games use it, but that machine was never meant for gaming even when new, so again not likely... The only other "common" reason to want .NET that I can think of, would be if you have installed Google Sketchup - older versions needed .NET 2.0. Newer ones want .NET 4.0 but you wouldn't have been able to install the newer ones if you only have 3.5 so I'm guessing this isn't your case either. Is there some other app you want to use that requires .NET? If your normal habit is to do the windows install, the first reboot, then install video drivers, and another reboot, you would have the video being re-organized at the same time as the .NET optimization in the link given by j7n is trying to run. That combination would be more than enough to bog down a 1300 for as much as an hour or more. For this the solution would be plenty of time and several reboots to be sure the process is finished. If you haven't got some reason to keep it, maybe you should just uninstall it (there is a .NET cleanup tool at http://blogs.msdn.com/b/astebner/archive/2008/08/28/8904493.aspx) and redo the nlite disc to delete it from your install. It is not needed at all for any version of DirectX, I am running 9.0c on the machine I am posting from and do not have any .NET versions here. About the nLited disc, are you integrating (vs slipstreaming as HFSLIP would do, some things are done differently from nLite) the video driver differently this time around - or even at all? I'm not sure if a later driver from Intel rather than Dell might have a different version of OpenGL? Also do you have the right version of the Intel chipset driver INFs - again, is this nLited in before the install, vs integrated at T13 vs manually installed later, which might mean a few more reboots needed to get things settled in?

Well, it's not quite as convenient as having the fields prepopulated, but would typing stuff in at https://www.microsoft.com/technet/support/ee/transform.aspx be checking the same database? I've never actually seen anything other than 404 from the links in the property sheet so I'm not sure where it used to have gone.

Well, at least it explains why you don't have this issue! Has anyone else used this update on a NTFS-formatted drive, regardless of whether you use Avast? If so, do you have this issue or not? Are glnz and myself the only NTFS users? Yes. Hmm, your "before" looks like my "after" so it's not clear if we have exactly the same situation. before-perms.txt after-perms.txt which makes me think I said something confusing... I'm not sure if you did only the items in the middle of the post, or if you started with the command line stuff at the bottom then went back to the middle? I think I need to edit that post for clarity, just so some future reader won't end up jumping in prematurely! Meanwhile here are some background information links you might find helpful. Access Control: Understanding Windows File And Registry Permissions https://msdn.microsoft.com/en-us/magazine/cc982153.aspx Cacls https://technet.microsoft.com/en-us/library/bb490872.aspx Undocumented CACLS: Group Permissions Capabilities https://support.microsoft.com/en-us/kb/162786 Well-known security identifiers in Windows operating systems https://support.microsoft.com/en-us/kb/243330 Changes to the behavior of the default discretionary access control list (DACL) for administrator on a Windows XP-based system https://support.microsoft.com/en-us/kb/318825 this one is interesting if a little unclear - we seem to have gotten the NT4/W2K policies rather than the XP policy here, not sure if this changed with SP3 which came out after this KB was published - or maybe it's the W2K3 policy coming in w/SP3? How to set, view, change, or remove special permissions for files and folders in Windows XP https://support2.microsoft.com/kb/308419 You receive a "The User Profile Service failed the logon” error message https://support.microsoft.com/en-us/kb/947215 the event log information part is interesting. If you did NOT do the last 2 cacls commands from my post but already have those permissions, method 1 in kb947215 above may be relevant. If you DID do those, see if a reboot makes those eventlog entries clear up - if you did them but rebooting doesn't help, this might be part of the explanation. You had more temporary profiles than I did, maybe the registry entries described might be why. Not real sure about this; my temporary profiles deleted themselves without further intervention on my part. Have you rebooted more than once since spotting this issue? If so are all of those temporaries still hanging around? Who owns them? Yeah, but it must have been like, 30 years ago.... maybe I should see if my local public library has a copy, that might be fun to watch again sometime!

Edit 29 May 2015 - add green text I think I figured out what's going on, at least for my own system since I've gotten rid of those eventlog entries. And it seems just KB3021674 is the immediate culprit since the KB mentions that one "could leverage the Windows User Profile Service (ProfSvc) to load registry hives that are associated with other user accounts". I think the Local Service and Network Service used to do exactly this to borrow access they should not have had, possibly from SYSTEM, which is why it used to work for me before the update but afterward didn't and actually never should have, given some of my file permission settings. The good news is that the update does not need to be uninstalled to solve it. The first clue is in a thread about this update going wrong for Vista/W7 users, but the basic outline is the same for XP and/or WEPOS 2009 as well even though nobody mentions it... see the third post by Susan Bradley on http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_update/kb3021674-causes-user-profile-event-1542/f203ebf9-08f5-4b95-84af-fbe8c52f3854?page=3 To dencorso and glnz, could you both check what account is the owner of the folders: C:\Documents and Settings\Default User C:\Documents and Settings\Local Service C:\Documents and Settings\Network Service C:\Documents and Settings\ (your account name) Mine are all owned by the "Administators" group, I'm thinking that glnz may have this too but perhaps dencorso does not? Also could you both open a cmd prompt and type cd c:\Documents and Settings cacls "Default User" > perms.txt cacls LocalService >> perms.txt cacls NetworkService >> perms.txt cacls (your account name) >> perms.txt then paste the contents of perms.txt here? In my case these showed that neither Local Service nor Network Service had any access to their own profiles since they were not the owner. The way I see it, the ideal solution would be to change the owner from Administrators group to Local Service and Network Service but the UI does not give me any way to do that... it can TAKE ownership but not give it away, and having it owned by either me or Administrator would not solve the problem. The other interesting post is on page 4 of that thread, in the Susan Bradley reply near the bottom, with the screen shots. But instead of focussing on "anyUser" as she does, check out NT AUTHORITY\Local Service and NT AUTHORITY\Network Service - giving them Full Control solved it for me. Also I had to do this for the entire folder (I also propagated to all children while I was at it), not just the files ntuser.dat and usrclass.dat - doing just those 2 files replaced the 6 errors with a pair of eventID1500's but didn't completely solve it. And yes, the mystery profiles for Temp and TEMP.NT AUTHORITY went away on their own after a reboot once I fixed all the permisssions, I did not need to manually delete the temporary profiles. If you have XP Pro you could follow the screenshots but for Home you would have to either reboot to safemode (so the normally missing security tab can appear on the property sheet), or (to view the current settings) use the command line to enter cd c:\Documents and Settings cacls LocalService "NT AUTHORITY\LOCAL SERVICE" cacls NetworkService "NT AUTHORITY\NETWORK SERVICE" or to actually do the fix: cd c:\Documents and Settings cacls LocalService /t /e /g "NT AUTHORITY\LOCAL SERVICE":F cacls NetworkService /t /e /g "NT AUTHORITY\NETWORK SERVICE":F then for either way, version of the fix, reboot. This worked for me.