smashly

That malware trojan that was mentioned in the first post of the thread. I currently have had similar in the internet caffe I work at. Picked it up from backpackers mem card. It genrates a .exe of a directory in the directory with the icon for a folder (if you have file extensions set to hidden then a user will more then likely click on it thinking it's a directory). eg: C:\Temp\Temp.exe = 45KB it then proceeds to do this for just about every directory it can find on and writeable drive, full read/write network shares are not out of the question either. (Seen many of these type of .exe type worms , but this one seems to be a bit smarter then the average) Avast doesn't pick it up as a prob , nor does Nortons AV , nor does MS Malicious Removal Tool. So any pc that gets infected while in a full admin account seems to be screwed. I don't mean the built in administrator passworded account either, I refering to a created passworded administrator acount. Makes no diff , try and access Hijack This , windows Regedit , AutoRuns or just about any util = reboot. Your Folder options are removed from Explorer. Try from safe mode is the same result as it's loading as a sytem file. (spose that's another good reason not to dissable SFC) Adds to HKLM run Brons-Spizaetus C:\Windows\ShellNew\sempalong.exe Adds to HKLM run C:\Documents and Settings\AccountName\Local Settings\App Data\smss.exe If you try to access the directories where it's residing then it reboots your pc. log into another account and it copies itself to the new user account in documents and settings. I was able to find it's run entries by using spybot search and destroy. (didn't reboot) Tried pulling the run keys from the reg using spybot but it replaces them just as quick. Loads as inetinfo.exe in task manager and drops in and out as it pleases, there's also another process that does the same , but it happens so quick it's hard to see what it is. Try terminate it when it appears and you guessed it , windows reboots. Try running cmd window and it reboots your pc. Some variants of it add an empty .pif to global startup. When infected from a limited user account you can recover quite easly as it doesn't seems to be able to replace system files and hijack the path and your able to stop it quite quickly. Symptoms when infected in a limited user account is on reboot you get a winlogon error before the desktop loads. From a google search it shows as a variant of some sort of w32 emailing worm trojan. Funny as it shows the risk of getting it are low... Geez the internet caffe I work in has been hit by this blighter umpteen times...lol So much for current day virus scanners and MS Malicious Removal tool. Going to take it home an test a few differant virus scanners on an old rat pc I have. Wonder which virus scanner detects it correctly first. Cheers

Well thats very easy, just don't use the standard Blue Windows XP skin! Office 2003 and nero7 just adapt on the skin you choose for WinXP. Don't know about office 2003 , but definately not so with nero 7. I use a custom classic desktop theme in xp and nero 7 is very much the same as when I use default Luna theme. Only thing that changes for me is the colour theme but not the actual Office 2003 style GUI (the menu bars). Cheers.

Disable System Tray from Showing Icons [HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoTrayItemsDisplay"=dword:00000001 That's taken from UARegistryTweakageDOTNET0.4.1. Don't know if it helps Good luck

Yep your right nitro322 about you'd need to write a shellx dll to do what I was wanting. FTM for my private use I hacked/hijacked a shelx dll from QuickMenu and customized it for SA Utils. I have it so anywhere in windows I can right click and choose an option to open any of SA Utils progs. I added shortcuts for all 3 UniExtract options as well , but the problem is those options are available on any file type which will give error if a user selects the wrong file type to UniExtract. So now I have SA Utils on the root of my context menu , then in a sub menu off that I have all options of the programs in sa utils kit. It's rough but does what I need ftm. I won't release the hacked dll for the shellx because it's not mine to do so (Also if a user used QuickMenu as well as SA Utils there'd be probs , to resolve I'd have to change it's CLSID of the hacked dll). QuickMenu is a free shellx , but I don't think it was meant to be hacked/stolen by me. I'm only using it as tester for my own needs atm....lol. I've no programing knowlledge what so ever. I've toyed with XSDK (Xbox SDK) , mainly for debug & capture features and that's about it. Hell I even have troubles writing a cmd file with If or For statements . I'll keep poking arround with it in my spare time. Cheers

Since ppl are using XXMKLINK to add shortcuts for nero that will not be removed when nero is uninstalled I just don't see why they don't just create a shortcut.inf run it from runonceex or cleanup.cmd. Much cleaner,smoother approach then adding another third party prog to do it IMHO. Eample of shortcut.inf to add a "Nero Burning Rom" shortcuts to All Users\Program Files\Nero 7\ and Quicklaunch [Version] Signature=$CHICAGO$ [Shortcuts] UpdateInis=AddLink [AddLink] setup.ini, progman.groups,, "group1=""%16410%\Microsoft\Internet Explorer\Quick Launch\""" setup.ini, group1,,"""Nero Burning Rom"",""""""%16422%\Nero\Nero 7\Core\nero.exe""""""" setup.ini, progman.groups,, "group2=""%16407%\Nero 7\""" setup.ini, group2,,"""Nero Burning Rom"",""""""%16422%\Nero\Nero 7\Core\nero.exe""""""" Example of how you launch your shortcut.inf from your RunOnceEx.cmd REG ADD %KEY%\045 /VE /D "Adding Nero shortcuts" /f REG ADD %KEY%\045 /V 1 /D "rundll32 setupapi,InstallHinfSection Shortcuts 128 %CDROM%$OEM$\shortcuts.inf" /f You'd need to adapt the path to your shortcut.inf to suit yourself of coarse. Yep the shortcuts will still be there after you uninstall nero, but your going to get the same if you use XXMKLINK anyways. Myself I edited the nero.msi and just added the shortcuts I wanted , at least they uninstall when nero uninstalls. No biggy , but I perfer it that way for me. Cheers

Confirmed , uniextract10_noinst.exe extracts without crc errors now ...all good I did't wan't to modify your code nitro322, just curb it so to speak. What I meant by the Context Menu is that when I right click an exe , msi , chm ,hlp that I would now have 3 new entries in my root context menu, add that to the other 13 other options I already have in the root of my context menu for those file assosiations from other progs and it's now starting to get very long. I found 1 option to "UniExtract Files.." on the root of my Context Menu was sufficient for me. I would like all 3 options but just not on the root of my Context Menu. But hey that's just my preference If I knew how to bring all 3 options into a submenu off the root of my context menu then I would leave all 3 options. No biggy anyways. Your prog rocks for me as is. Keep up the great work Cheers.

Your welcome ironside. Added your suggestion of RegCleaner plus a small hex editor XVI32. I actually have used RegCleaner for a couple years now (mainly in my win98 days) , just hadn't thought to add it , good suggestion of yours btw Updated 1st post v0007 now available Cheers.

Thank You for sharing, will have a play with it when I get home from work tonight. Cheers.

Thank you for confirming my crc probs nitro322. I used your installer version UniExtractor on itself to get the required SA files and minimal reg entries for context menus (I only wanted the basic reg entries for context extract files exe , msi , chm , hlp). Incorperated UniExtract into SA Utils install package , Updated SA Utils thread to current version. Trivial sugestion for your right click Context Menu maybe offer to have the 3 menu options under 1 main in a submenu. eg: UniExtract->Extract Files... Extract Here Extract Sub As I said I was going to flog your prog last night and I did. I was impressed with it's performance and it worked on more files then I expected. Luv the .ISS it creates , takes the guess work out of finding reg entries . Great Work m8. Very much appreciated THANK YOU.

Added another handy Util from nitro322 "Universal Extractor v1.0" Updated 1st post , SA Utils v0005 now available. Any probs with SA Utils be it a user or author of a program(s), let me know. Cheers

Edit: wrong thread, sorry.

Hi and Thank You nitro322. I've tried your uniextract10.exe , the installer version worked sweet as for me on a short try (gunna give your proggy a flogging when I get home work...lol) But the uniextract10_noinst.exe just keeps coming up with crc errors when I try to extract the archive (pasted from SFX window) CRC failed in bin\arj.exe Extracting bin\E_WISE_W.EXE CRC failed in bin\E_WISE_W.EXE Extracting bin\helpdeco.exe CRC failed in bin\helpdeco.exe Extracting bin\i6comp.exe CRC failed in bin\i6comp.exe Extracting bin\innounp.exe CRC failed in bin\innounp.exe Extracting bin\IsXunpack.exe CRC failed in bin\IsXunpack.exe Extracting bin\lzop.exe CRC failed in bin\lzop.exe Extracting bin\PEiD.exe CRC failed in bin\PEiD.exe Extracting bin\tee.exe CRC failed in bin\tee.exe Extracting bin\UniExtract.exe CRC failed in bin\UniExtract.exe Extracting bin\UnRAR.exe CRC failed in bin\UnRAR.exe Extracting bin\unzip.exe CRC failed in bin\unzip.exe Extracting bin\WUN.exe CRC failed in bin\WUN.exe Extracting bin\xace.exe CRC failed in bin\xace.exe Extracting bin\Formats\7z.dll CRC failed in bin\Formats\7z.dll Extracting bin\Codecs\7zAES.dll CRC failed in bin\Codecs\7zAES.dll Extracting bin\Codecs\AES.dll CRC failed in bin\Codecs\AES.dll Extracting bin\Codecs\Branch.dll CRC failed in bin\Codecs\Branch.dll Extracting bin\Formats\bz2.dll CRC failed in bin\Formats\bz2.dll Extracting bin\Codecs\BZip2.dll CRC failed in bin\Codecs\BZip2.dll Extracting bin\Formats\cab.dll CRC failed in bin\Formats\cab.dll Extracting bin\Formats\chm.dll CRC failed in bin\Formats\chm.dll Extracting bin\Codecs\Copy.dll CRC failed in bin\Codecs\Copy.dll Extracting bin\Formats\cpio.dll CRC failed in bin\Formats\cpio.dll Extracting bin\Formats\deb.dll CRC failed in bin\Formats\deb.dll Extracting bin\Codecs\Deflate.dll CRC failed in bin\Codecs\Deflate.dll Extracting bin\Formats\gz.dll CRC failed in bin\Formats\gz.dll Extracting bin\Formats\lzh.dll CRC failed in bin\Formats\lzh.dll Extracting bin\Codecs\LZMA.dll CRC failed in bin\Codecs\LZMA.dll Extracting bin\Codecs\PPMd.dll CRC failed in bin\Codecs\PPMd.dll Extracting bin\Formats\rpm.dll CRC failed in bin\Formats\rpm.dll Extracting bin\Formats\split.dll CRC failed in bin\Formats\split.dll Extracting bin\Codecs\Swap.dll CRC failed in bin\Codecs\Swap.dll Extracting bin\Formats\tar.dll CRC failed in bin\Formats\tar.dll Extracting bin\Formats\z.dll CRC failed in bin\Formats\z.dll Extracting bin\ZD51145.DLL CRC failed in bin\ZD51145.DLL Extracting bin\Codecs Extracting docs Extracting bin\Formats Extracting bin Extracting UniExtract.au3 Extracting support\Icons\uniextract_exe.ico CRC failed in support\Icons\uniextract_exe.ico Extracting support\Icons\uniextract_files.ico CRC failed in support\Icons\uniextract_files.icoI have tried clearing my temp and internet cache and dl'n again , same crc failures when unpacking though. Could you please post the MD5 for uniextract10_noinst.exe The MD5 I get for uniextract10_noinst.exe: B281C1276D2D36B8C09452151649857C (Size 1.84MB (1,934,224 bytes)) cheers PS. Hope you don't mind me adding your prog to my SA Utils personal package. if so let me know. SA Utils Info: http://www.msfn.org/board/index.php?showtopic=65085

SA Utils (Stand Alone Utilities) in 1 switchless silent exe install. (Updated: 1-May-06) *Removed for systernals licensing reasons. Thanks for digging it up tarquel lol ...It was around the time I first read that post at Ryans that I sorta lost intrest in a public pack of SA Utils , but hey I can keep it for myself. I'd just been to slack to search for my own post and edit it but hey since you bring it to the top .. It's Fixed My personal SA is upto v0114 nowdays...lol This pack was sorta contradictory anyways. Stand Alone Utils that don't need to be installed but are installed anyway... were was my mind?..lol Cheers

For example , if you made your .cab file you would be packing your .msi file in a 7z sfx exe file first. Along with your msi file you would also include a msistub.exe file in your 7z compressed file. Your config.txt command would be something like "msistub your.msi /qb-!" or "msistub your.msi /qn /norestart" for more info on making silent switchless 7z sfx exe look HERE. You'll also get the msistub.exe from there as well as all the needed info. Once you have the 7z sfx exe of your msi made then you cab it. That'll end your msi fails to install prob.

when you pack your msi are you using a msistub?

I'm noticing the same thing myself. Also noticing alot of errors showing in "Event Viewer -> Applications" as well after windows is installed. I don't get these errors when I run the same apps from RunOnceEx and all those same apps install fine. hmm

Thank You for the answer BlueMe. Once again sorry for posting in the wrong section , won't happen again. Some1 Please DEL %0 this misplaced thread. Cheers

Edit: Sorry about that , posted in wrong forum. Maybe I shoul read the sticky at the top before posting huh

A quick note aboout removing Nero Scout the way it's shown in tempuser's guide. If you use nero express (which is part of the nero core) then you will get a failure when you try to select the add files button in nero Xpress (in any mode MP3 , Data , WMA etc) , you won't be able to back out once the error happens , The only way out is to kill the task in windows task manager. Solution: When editing your nero.msi with IS11.5 If you want nero Xpress to work then don't delete whole component , just the 2 of the 3 dll files in the component. Component: NeroFileDialog_NTxxxxxxxX Files: MediaLibraryNSE.dll <----Delete from component NeroFileDialog.dll <----Keep in component if you want to use nero Xpress without error. NeroSearch.dll <----Delete from component ----- Just the Nero 7 Demo Core (7.0.14b Demo - English Only) silent switchless no reboot. I made it to my preferences , but give it a go if you like. (Packed with 7-Zip sfx if you want to look at what's deleted/edited or to add your serial , it's only for an example) No Scout No Media Home No Wave Editor No Trax Editor No BackIt up No Recode No Vision No Showtime No Cover Designer No Image Drive No InCD No Fast CD/DVD Plugin No SmartStart No Yahoo No Tools Adds shortcuts to: All Users\Start Menu\Programs\Burning\Nero.lnk Quicklaunch\Nero.link Left the English Help Files for Nero and Nero Express (Nero Express is part of the Nero Core) Left the built in Virus Scan. Left the basic plugins that came with nero 7 demo and are accessed from Nero "Extras->Encode Files": Lame PowerPack MP3 Nero Pro MP3 Encoder AAC HD Encoder Ogg etc The VCD engine is still intact as well so you can still use nero to make VCD/SVCD FileSize: 29.7 MB (says 31.16MB on the host sight..hmmm, says 29.7 MB (31,157,955 bytes) when I do a properties on my PC) FileName: n7core.exe MD5: 688DD4CB071A6CE1262F70DC0535C9E0 Download: Here

The easy way out would be to use the switchles silent already packed version of .NET Framework 1.1 from RyanVM's Page. Works well for me. Good luck EDIT: almost forgot to say "Welcome to the MSFN forums"

Daemon Tools v3.47 & awxDTools in 1. Information: http://www.daemon-tools.cc Version: DTv3.47 awxR1.0.5B072 Size EXE: 1.63MB Main EXE: http://freefilehosting.net/?id=qt7yl6nb MD5 EXE: 2715AB92E3FA403C0344E569B5AD9242 Size CAB: 1.56MB Main CAB: http://freefilehosting.net/?id=qt7ylqzZ MD5 CAB: 3014A412FF7C87BAEDEB0877FE6EA040 Why the Old v3.47 you ask?..... No forced reboot and does all I need for me ftm . v4 with it's sptd requested reboot as well as the optional adware turns me off. More info attached to post Cheers More_Info.txt

Just for you tap52384 , both silent switchles installer in .cab and .exe , take your choice. Info For XP ONLY!!!! Installs VCdControlTool.exe and HowToUse.txt in "ProgramFiles\Virtual CD Control Panel\" folder Installs the VCdRom.sys file to "system32\drivers" folder Adds shortcuts to the "How To Use" and "VCdControlTool" in "All Users\Start Menu\Programs\Virtual CD Control Panel\" folder Has uninstaller in windows Add/Remove programs. Vitual CD-Rom Contol Panel v2.0.1.1 Silent-Switchless EXE Virtual CD-Rom Contorl Panel v2.0.1.1 Silent-Switchless CAB (for nLite users) Myself I'll stick with my custom DaemonTools 3.47 and awxDTools all in 1 silent-switchless-NoShortcuts package ftm. Cheers

Nice find , But what switches are you reffering to? It's not an installer . A command line version VCdControlTool.exe would be nice (does it work as a command line tool as well?) , then you could add those to context menus when pointing at iso's or the virtual drive itself. Cheers for the heads up.

Also if your using onboard sound it can cause probs at times , speacily when theres alot going on on screen. I use to get freezes intermittanatly on similar spec pc to yours awergh , my AC97 onboard audio was the culprit for me most the time . Updated sound drivers , lower audio settings to minimal settings in all area's of the game , turn of announcer , taunts etc I still Luv ol' skool UT with all it's mods. M..MM..MMM...MMMONSTERrrr..KILLL..Kill ..kill Buwahahaha Good luck

Heya tempuser, I didn't have a prob with the shortcut names , just the path built in variables are limited in the installer itself. gather I have to add my own variable for the equivilant of "%AllUsersProfile% in the installer itself. The installer built in variable of [startMenu] seems to only apply to the logged on/current user. Some of the other built in variables like [WindowsVolume] and [MasterVolume] are either of those the same as "%systemdrive% ? What's the equivelant of "%AllUsersProfile% , etc ? I would like to know the actual meaning of their value without having to guess , there just no [systemDrive] or [AllUsersProfile] there by default . If they are there then I don't know what they are called ftm. I just didn't like the idea of hard pathing the shortcut directories for example; "C:\Documents and Settings\All Users\Start Menu\Nero" (which does work btw) , thought it might cause greif somewhere down the line . Will poke around with it tonight some more when I get home from work, then hopefully my questions will be answered. Edit: Worked out the short cuts the way I wanted , there's 7zip'd 242 KB avi example I did it if any1's intrested. How to add shortcuts to nero's msi with InstallSheild 11 avi A rough text example version attached to post if wanted , be warned I'm no tut writer Hope it helps. Cheers all Example_HowTo_Nero_SC_in_ISS.txt