GrofLuigi

REGEDIT4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kbdclass\Parameters] "AllowDisable"=dword:1 MAYBE it will work. GL

Seems like a weird font your friend uses. The question is, how did he enter the chars through the keyboard so they ended in the symbol range... Or did Windows/Office do the translation... Oh, well. You can confirm they are in that range through the "Insert Symbol" map in Word or the Character Map. For an individual character, you can see its ASCII code if you press Alt-X in the main area of Word (where you type). GL

Maybe it's missing font. For Office 2003: (menu)Tools>(item)Options>(tab)Compatibility>(button)Font Substitution. It will tell you what font your friend has, and you don't. Word sometimes makes stupid choices for font substitution.... GL

Now you've mentioned the word align too many times and it reminded me Microsoft has been aligning things way back... GL

That's port 445 as it can be seen in C:\Windows\System32\drivers\etc\services. Local port is high because your computer has initiated the connection. Don't close it if you need SMB over TCP (file and print sharing). GL

Another KB... GL

sort 3.txt /o 4.txt One liner (but needs fixing by someone more knoledgable): copy 1.txt+2.txt | sort /o 3.txt GL

Another interesting program of that nature is DumpSec. GL

You can't change the system of permissions in Windows (its structure and the way it works) because every bit of Windows enforces it. You'd have to rewrite the entire operating system. You can only play with users and groups. But even if you 'play nice' Windows has many undocumented traps which you have no way of knowing they exist. And that's even before Vista/7... GL

Shameless plug... I've done it, but I'm still in doubt is it worth it. Mostly because I haven't found out anything about the actual format the permissions are stored in (mostly, whether "Inherit..." means less permissions stored. I think it does not.). Otherwise, only two security principals: Administrators and System (anywhere on the system partition, with some exceptions). My username (even in registry) is not owning anything. Other partitions: Everyone full access. When the services configured to run under "weak" accounts (Local Service, Network Service) are disabled or their owner changed to Local System, the two "weak" accounts aren't started on boot. No problems, except for Distributed transaction coordinator gruntling, but who uses that anyway. I still don't advise doing it, mostly because you "weaken" security (in Microsoft's sense of the word). GL

It's always easier when you have figured out the exact search string GL

Here is one that I use as a base, doesn't remove too much and nearly everything works. Adjust languages to your needs. XPSP3.ini

You created a username(s) with empty name(s). That's asking for trouble. Also, reduce the disabling of services, especially the networking ones. NetLogon, NtLmSsp, RpcLocator(maybe) SamSs are especially critical for the first boot. In fact, it would be better if you don't touch any services at first. And what Sp0iLedBrAt said. GL

You're right, I didn't pay much attention. GL

1) Those updates contain files that are not present in the installation source. Regular method is when nLite replaces the files directly in the source. But because these files aren't referenced in any .inf's, they would not be copied over at installation time. Nlite doesn't know what to do with them and where are they supposed to go, so safest bet is to copy the whole installer (KBXXXXXXX.exe) and start it at installation time. That is the non-regular method. 2) Just click YES every time nLite asks you if you want to keep the newer file. This is a consequence of how Microsoft creates the updates. They are mostly cumulative (higher version number of a file contains the fixes of the previous versions), so you'd always want to have the file with the highest version numbers. Of course, there are exceptions to this rule, but for the public updates they can be overlooked. Also, one file can be replaced by two KBXXXXXXX's, or two KBXXXXXXX's replace few files but one doesn't contain one file (so that's why this KBXXXXXXX is kept, because of that one file), so that's where differences (and nLite's questions) come from. When integration of one KBXXXXXXX.exe is finished, the files are part of the source from then on. GL

And 2388210, at least on Server2003, but I think also on XP. Sure looks like a more direct replacement to me. *Edit: yes, there is a Update replacement information section in the article that needs to be clicked on. GL

CleanBiosInfo (is it "remove OEM old bios information"?) can lead to this, especially if it is a non-standard CD. And I see it's non-standard (probably OEM) because it removes a directory SW_VER that is not present on standard CDs. So OOBE (Windows Activation) will hang. (edit: I'm not 100% sure about this, because I have forgotten the description, but I never remove it myself because I THINK I have been burnt by this). Maybe even the setup calls something in the SW_VER directory, so it hangs whan removed. Also, in my opinion, this is a wrong way of installing drivers (everything in one go, extracted from a previous installation/machine, so you inherit the flaws and older versions that installation/machine had). Only few drivers are necessary (to boot, only one - SATA controller). Basically, what Sp0iLedBrAt said. Also, hardware removal seems a little odd for my taste. Are you sure you will never connect another printer, scanner, camera etc. to this computer? If you want to go hardcore, I can tell you (after comparison with my ini) that you will never have CPU Transmeta Crusoe, ALI IDE Controller, Toshiba PCI IDE Controller etc. (OK, those may not be present in your OEM CD). Hardware removal can lead to many tears few months later. Other notes: - I don't know what DelDrivers is. Sounds dangerous. - We don't know the contents of your tweaks.reg. And why is it called twice? - Are you sure partition D: is defined at install time? GL

Again, seems ordinary, but... Avast and Sandboxie are referenced. It can't be known what they do without an in-memory debugger. Another hint (line 136): Explorer is using USN change journal. That is an indication one or both of them are active. So, don't know what to say. I just made a shiny new nLite for my new VirtualBox installation this weekend, but I used my regular Last Session.ini. I forgot NOT to remove "Group Policy Management Console" there, otherwise I would have refreshed my memory about these things... GL

That's OK. Most of the group polices are missing. I also haven't seen them myself for a long time since in my builds I always remove them, so I might not be able to help you in the most direct way - by comparing to my system. What's wierd is that Last Session.ini doesn't indicate any removal. Sure, have a nice weekend you too GL

Try unregistering then registering the dlls. Search registry for "GPO-Disabled" and check whats around there ( HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy) . Check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions . Any firewall? They can also block things in-memory so it will not be seen in ProcMon logs. Post a trace of the actual MMC startup (gpedit.msc). GL

@TheWalrus: Maybe it's Opera's SpeedDial or RSS Feeds or something similar? It doesn't do that here, but I've edited all possible settings to tame it down. Another very confusing issue is: when a topic is read, it gets removed from the list, instead of just being displayed as faded (read). But I think it's unrelated to this. GL

I'd like to think of myself as brave. In line 298 regsvr32 finally takes over. The command line is correct. Initializes, does what it has to do, but soon after that Avast\snxhk.dll is loaded (line 343, before are just checks). In line 489 it checks its configuration. Soon after that audio is initialized (maybe to play a warning sound?) After that, all apears as normal, but nothing is ever written to the registry (ignore Cryptography\RNG\Seed and SessionInformation\ProgramCount. They are written all the time and not important). Conclusion: Kill Avast in any way you can/like. (This was written about the previous log. Quick peek at logfile2 agrees). GL

Comparison: RST 10.1.2.1004: RST 10.5.0.1015: It gives interesting results when the two images are overlaid on top of each other (I don't know how to do that in the forum). The difference is small, but maybe there is some other factor to "snappines" of the OS. I can feel it, I swear. I have older Intel® ICH9M-E/M SATA AHCI Controller. *Edit: For anyone interested, I'm attaching a comparison of nine MSM/RST versions on this laptop. All tests were done under similar conditions (install driver, reboot, clean up, test). The test results within one version were reproducible. RST 10.1.5.1001 seems the best, but all differences are minimal. GL Intel_RST.rar

I just wanted to share some info. New RST 10.5.0.1015 appeared on Station Drivers. From my testing (on live system, just reinstalling the driver), it seems slower than previous 10.1.2.1004. I will revert back and test again with HD Tune, and report back of course. Also, there is some problem with its digital signature - it appears as not signed. So, I'd not recommend this driver for now. This is my subjective opinion. GL

Did you wait long enough? Changes related to Microsoft Network (browser service etc.) take same time to propagate. I'd suspect something is wrong only after at least 15 minutes of idling. Or maybe it was enough to change workgroup name back and forth on one/both computers. GL