MOONLIGHT SONATA

@maxxpsoft and rikgale, Try your luck and let me know. All the script work is by my respected forum mate Martin Zugec. He is the inspiration behind the whole thing. Only i tendered him the idea. It works in my machine flawlessly. I've learnt a lot in applying this script...i mean through a lot of NTLDR deletion. what i expect from both of you is some insightful value-addition into the whole schema. Script has achieved what was aimed for. Now, what we together can achieve is some improvement along the path..at least some brain-storming discussions. I'm always for your help...just ask. ====MOON

@maxxpsoft and rikgale, Try your luck and let me know. All the script work is by my respected forum mate Martin Zugec. He is the inspiration behind the whole thing. Only i tendered him the idea. It works in my machine flawlessly. I've learnt a lot in applying this script...i mean through a lot of NTLDR deletion. what i expect from both of you is some insightful value-addition into the whole schema. Script has achieved what was aimed for. Now, what we together can achieve is some improvement along the path..at least some brain-storming discussions. I'm always for your help...just ask. ====MOON

@BrandonS_Mil & rikgale, Here's a Guide (almost!) that i find pertinent for your requests. And, Files packed Too! I explain the working of this Protection method in some detail. Method is to be implemented from RunOnceEx.CMD. Another criterion is to implement it in RunOnceEx.CMD by adding it into the REG ADD section. Though, this authentication should start before any Post-Installation Non-Microsoft File transfer activity, we can't simply add the running of this authentication script in RunOnceEx.CMD directly by following the syntax below: %SystemDrive%\Windows\System32\ProtectUA.CMD SET KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx REG ADD %KEY% /V TITLE /D "Software Installation Window" /f REG ADD %KEY%\001 /VE /D "Preparing Installation Profile..." /f REG ADD %KEY%\001 /V 1 /D "%CDROM%\$OEM$\PREPARE.CMD" /f Reason is Our ProtectUA.CMD file contains the command-line running of ProtectUA.VBS, the actual file which does all the WMI Class Queries to auto-detect Unique Identificator from BIOS. As not all WMI Classes are available at the T-13 Minute mark, a time when both CMDLINES.TXT and RunOnceEx.CMD jobs get lined-up for 1st log-on time accomplishment, the above input into RunOnceEx.CMD will fail. Will fail because ProtectUA.CMD will then run at the T-13 Minute Mark, instead of at the 1st Log-On. The correct input into RunOnceEx.CMD should be like this: SET KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx REG ADD %KEY% /V TITLE /D "Software Installation Window" /f REG ADD %KEY%\001 /VE /D "Preparing Installation Profile..." /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Windows\System32\ProtectUA.CMD" /f REG ADD %KEY%\001 /V 2 /D "%CDROM%\$OEM$\PREPARE.CMD" /f Now, the ProtectUA.VBS will do all WMI Class Queries at the time of 1st Log-On. Still Reading?....Follow Me... All of your .CMD files including Prepare.CMD need to be packed in a ZIP archive (in ProtectUA.VBS, we call the ZIP as ProtectUA.ZIP). ProtectUA.ZIP will have its files archived with their full path-info saved. Remember, our intention is to extract it into C:\, in their respective folders. Encrypt ProtectUA.ZIP with a password and the same password is required to be inserted into ProtectUA.VBS. If you use WPI, then don't forget to include WPI.CMD into the ZIP archive. Don't worry, You can extract it to anywhere, it doesn't matter, as long as your WPI.CMD includes WPIPATH variable targetting the %CDROM%\Install\WPI\ route and as long as WPI.ICO resides alongwith WPI.HTA inside the %CDROM%\Install\WPI\ folder. In this way, you are hiding Path information of your most critical software package. Remember, only successfull Machine Authentication can enthuse ProtectUA.VBS to extract the ProtectUA.ZIP into C:\. If, Machine authentication fails, ProtectUA.VBS just deletes NTLDR and restarts the machine. In either authentication success or failure, both ProtectUA.ZIP and PKUNZIP.EXE get deleted altogether.I've chosen PKUNZIP.EXE as Unzipper, you could have your own;Command-line syntax is important, if you choose any other unzipper, insert its command-set into ProtectUA.VBS at the desired place) Sounds interesting?....Here're my final words: First, put the AnalyzeUA.VBS in desktop, and double-click on it. It will give BIOS release identificator in a message box.For your machine. Copy it from the message box and put it into arrayAllowedHosts(0)= "PUT BIOS RELEASE IDENTIFICATOR CODE HERE" section of ProtectUA.VBS. Another point, look into the ProtectUA.VBS. Here, Dim arrayAllowedHosts(1) means you're readying this script to allow two machines(0 and 1), and that's why there are arrayAllowedHosts(0) and arrayAllowedHosts(1). In this way you can add as many AllowedHosts as you wish keeping in mind that numbering starts with 0 and not 1. Check, the working of ProtectUA.VBS by keeping it along with wscript.exe (take it from system32 folder) on your desktop. Drag and drop ProtectUA.VBS upon wscript.exe, if all goes well your zip will get extracted at C:\. If not, you get error message, which automatically draws your attention to the line and character in .VBS where the error actually is. Do all these with caution, as your NTLDR is at stake even if you seem to be the only AllowedHost! Hope, i explained you the foremost things needed. Download the "Protection.Zip" attached below. It has all you need. Contact after you try the method. Thanks, at last someone found it interesting..... ====MOONLIGHT SONATA Protection.Zip

I've 2 Machines. One has "Intel Inside", and the other is AMD. I'm facing problems with Intel Drivers. The .INF files in Intel Package doesn't contain any "sourcedisk files" type information. For that reason loading just .inf files into the $OEM$\$1\Drivers\Intel folder is not reaching the desired result. I've to manually install Intel Graphics Driver Update and Chipset Driver Update after XP installs its Default Drivers for the same. My AMD machine has MSI's Motherboard with VIA chipset, and there i've nothing to worry. Is there any simple solution to this problem? I'm deep into my UACD Project and i've no intention to prepare 2 UACDs for Intel & AMD seperately, neither i wish to install Drivers from Windows Post-Installation Wizard. My next question is , how a particular driver fileset be packaged into a CAB file and make XP to extract it like Driver.CAB during installation and the instructions to do so be integrated inside drvindex.inf ? I know there are a lot of tools available in the forum(e.g. BTS Driver Pack, Driver Compression Tool, etc.). But i'm reluctant to use them at the first place; These are doing these jobs quick and easy. I don't want to know Syntax, I want to know logic. This has compounded my misery most. I don't want my UACD Project get enriched at the expense of my own knowledge. Waiting Kind response...Logic....whatsoever...

Dear, Bhurtel, A topic started by me just finished 1 day before. Here's the link: http://www.msfn.org/board/index.php?showtopic=48523&st=0 Protection Of UACD from unauthorised copy and piracy reched its zenith at the above link. If you've any further input about the tried method, please let me know. The WMI class query Method employed there can't be changed, rather can be improved if you find something relevant on the issue. ====MOONLIGHT SONATA

@ Fritz, Incredible Improvement from the last version. Here're a few questions: 1. What's the purpose of putting image.jpg inside the ZIP? I mean, if you pack it's choice inside the EXE, then there's no chance implementator getting to put his own .jpg. Pls, ensure selection from the strings.txt as this'll allow the user to use relative path for the image file. That's true, of course, if you change the technique to use the image. 2. Very nice font, text and context, you used. but i wish that you improve the TXT file in order to include different font size support for string_title and string_text seperately. 3. Why theImage.jpg is applied in the end? What idea came to your mind? pls, elaborate. finally, i appreciate how you've progrssed so far. Remember, as a Starter of this Topic, i already recieved a lot of flak for such a "silly" idea. What is "silly" for them is "holy" for me. I request you to pursue this project to achieve an end product that'll be loved and embraced by those people particularly, who found it sillyand a stuff for kidz. ===MOON

2 Fritz, Here I go. 1. Suppose i've been helped by a forum member in creating driver package. Credits should go like this : Driver Compression : XXXXXXXXXXX or, Driver Compression XXXXXXXXXXX Controls like these should be in html.txt remember, credits should go not by just member name, but alongwith in which category his help came from. 2. You used XPize's Hacked Royale Wallpaper. Very nice. But i'll prefer a mere black background. As a color, black has some sort of serendipity, some sort of inevitability attached to it. Black always forecast that end is waiting in the wings. I'm saying this because you put the selection of background automatic by packaging it inside the EXE. Better to leave the choice into the TXT file. Anyway, Very Nice. Hope to see some Add-Ons quickly. ========MOON

Sorry, Martin, xtremely sorry, script is working flawlessly. No problem at all! I was getting "Permission Denied" message just some NTVDM.EXE file was running in the background and it was denying the access to CzecMate.ZIP. From Task Manager i had to terminate a lot of NTVDM.EXE in order to delete the zip file. Now, all is well, nothing to worry about, Mate. Extremely Satisfied to see the script working! You made history in Forum, Martin, History Working of the script is such that some feeling of eternity is attached to it. The Principle on which you based your Script working, will stand all sort of testing in all time frames. Unless, PCs aren't made in any other way, your script-based Protection will work seamlessly and endlessly. Thank you. I never wanted it to work for me only. I wanted it for the whole UACD builder community. But, as things stood out, Only I can thank you now. But, as the script works in such a manner that it will be still valid after say 1 year, i see some light in to the future.Some day some other Member will find it useful, surely. I will make a PM to you tonight(not now, Mate, as i'm heading for Office). The way our interactions started, i want it to come full circle. Till then, no need to worry about MOON's Script, Mate!

@ Thanks, Fritz, Seen the Flash in between. Great work, needs a lot of refinement input for it to be greater!. Coming next day, with all suggestions that my grey cells can produce. Good night.

@Martin, leaving right now, Mate. I'm in forum at a stretch for 3 and 1/2 hrs. see you tomorrow. let me to leave friend. Sleep is coming, only sleep.exe can restrict me from bed, that to be only for a few secs. BTW, good night.

@Fritz, Downloading right now. Can only comment upon it tomorrow. It's already 15 mins past 2 AM. My brain needs rest to give some amazing feedback to you. Pardon me, thanks a lot for your effort tonight. I can only leave forum if you grant permission of departure. Please sign with a post, Mate. ===MOON

Now i've deleted Pkunzip.exe part from the script and only deletefile line now is linked to CzecMate.zip. Can you imagine what error this script gives me now: Permission Denied i'm mad now. find no logic in error messages. pls, help

Which 3 files Martin? Last script gave me error like this (i've no ProtectUA.zip, so i deleted tht part): PKUNZIP.exe smoothly deleted, but not czecmate.zip. not explainable, it defies any logic.

Nope, not working, still... both the zip and exe still doing the xtraction job nicely. what to do? i've just copy-pasted your into notepad. does that can generate error? 1st error comes at line 44 and i hope it's true for line=45 also. waiting for the workaround...

2 Martin, same error message after inserting your latest modifications. Now, i moved wscript.exe and protectUA.vbs into C:\, even then the error persists.

@Martin, In my case line 44 and line 45 is : objFSO.DeleteFile "C:\ProtectUA.zip", True objFSO.DeleteFile "C:\Pkunzip.exe", True I wonder why your .vbs is different from mine? Can't figure out.

yep, i tested it from desktop with wscript.exe. Czecmate and Pkunzip are in C:\. Do i've committed error, let me know.

2 DonDamm Thanks for your gesture as well as your interest. Well, the flash movie, as suggested by Fritz, is going to be in EXE format with textual contribution from a TXT file. It will run before Shutdown.exe, and go into oblivion with shutdown.exe. I mean...Gone in 60 Secs...Simple. Watch this space for Fritzs' post. i'll be glad if you also test the Fritz file along with me. =====MOON

@Martin, Script is working well upto extraction of ZIP archive. Then, generates error in case of file deletion at last. Here's the message that i get: ******************************* Line: 44 Char: 1 error: Object required:" ******************************* Relieved to see you getting back to work..Missed you so much all the week. =====MOON

@MHz Extremely blessed by your advice. I really, from the last try, calling ierunonce.dll manually, but from inside the RunOnceEx.cmd file. Does that made the difference? My RunOnceEx.cmd is,as of now, like this: SET KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx REG ADD %KEY% /V TITLE /D "Software Installation Window" /f REG ADD %KEY%\001 /VE /D "Preparing Installation Profile..." /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\CMDBOX\PREPARE.EXE" /f REG ADD %KEY%\002 /VE /D ".Net Framework® Package 1.1" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\DotNet\DOTNETFW.EXE" /f REG ADD %KEY%\003 /VE /D ".Net Framework® Package 1.1 Service Pack 1" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\DotNet\netfxsp1.exe" /f REG ADD %KEY%\004 /VE /D "Microsoft® Windows Installer 3.1.4000.1823" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\WINSTALLR\WindowsInstaller-x86.exe /quiet /norestart" /f REG ADD %KEY%\005 /VE /D "Visual Basic 6 Service Pack 5 Run-Time Library" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\MSVB6SP5\vbrun60sp5.exe /Q" /f REG ADD %KEY%\006 /VE /D "Windows® XP Service Pack 2 Support Tools" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\SupTools\suptools.msi /qn" /f REG ADD %KEY%\007 /VE /D "Microsoft® JAVA Virtual Machine" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\MSJAVAVM\msjavx86.exe /q" /f REG ADD %KEY%\001 /V 2 /D "taskkill /F /IM msjavx86.exe" /f REG ADD %KEY%\001 /V 3 /D "%SystemDrive%\Install\MSJAVAVM\MSJAVWU.EXE /q" /f REG ADD %KEY%\001 /V 4 /D "taskkill /F /IM MSJAVWU.EXE" /f REG ADD %KEY%\008 /VE /D "Microsoft® ClearType® Tuner" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\ClearType\ClearTypeTuner.msi /qn" /f REG ADD %KEY%\009 /VE /D "StartUp Control Panel Applet 2.8" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\StartUpCPL\StartupCPL.exe /Q" /f START /WAIT rundll32.exe iernonce.dll,RunOnceExProcess REG ADD %KEY% /V TITLE /D "Installing Microsoft® PowerToys™" /f REG ADD %KEY%\001 /VE /D "Microsoft® HTML SlideShow Wizard" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\PowerToys\HTMLSlideShowSetup.exe /s /v/qn" /f REG ADD %KEY%\002 /VE /D "Microsoft® Power Calculator" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\PowerToys\PowerCalcPowertoySetup.exe /s /v/qn" /f REG ADD %KEY%\003 /VE /D "Microsoft® Image Resizer" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\PowerToys\ImageResizerPowertoySetup.exe /s /v/qn" /f REG ADD %KEY%\004 /VE /D "Microsoft® CD SlideShow Generator" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\PowerToys\SlideshowPowertoySetup.exe /s /v/qn" /f REG ADD %KEY%\005 /VE /D "Microsoft® Time Zone 2.1.25.0" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\PowerToys\TimeZone.msi /qb" /f REG ADD %KEY%\006 /VE /D "TweakUI™ PowerToys® 2.10" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\PowerToys\TweakUI.msi /qb" /f START /WAIT rundll32.exe iernonce.dll,RunOnceExProcess REG ADD %KEY% /V TITLE /D "Installing Windows® XP Media Center Package" /f REG ADD %KEY%\001 /VE /D "Microsoft® Windows® Media Player 10.0" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\wmp10\mp10setup.exe /Q:A /R:N" /f REG ADD %KEY%\001 /V 2 /D "%SystemDrive%\Install\wmp10\dfxwmp.msi /qb" /f REG ADD %KEY%\001 /V 3 /D "%SystemDrive%\Install\wmp10\SkinCopy.cmd" /f REG ADD %KEY%\002 /VE /D "Windows® XP Winter Fun Pack 2004" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\WinterPak04\XPWinterFunPack2004.msi /qb" /f REG ADD %KEY%\003 /VE /D "Paint.NET v1.1" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\Paint.NET\PaintDotNet.msi /qn" /f REG ADD %KEY%\004 /VE /D "LongHorn™ Clock 1.62b" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\LClock162b\LC162b.exe" /f START /WAIT rundll32.exe iernonce.dll,RunOnceExProcess REG ADD %KEY% /V TITLE /D "Installing Microsoft® Security Pack" /f REG ADD %KEY%\001 /VE /D "Microsoft® Baseline Security Analyzer 1.2.1" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\MBSA\MBSASetup-EN.msi /qn" /f REG ADD %KEY%\001 /V 2 /D "taskkill /F /IM mbsa.exe" /f REG ADD %KEY%\001 /V 3 /D "taskkill /F /IM iexplore.exe" /f REG ADD %KEY%\002 /VE /D "Microsoft® Anti-Spyware Beta 1.0.614" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Install\MSAnti-Spy\MSAntispy.msi /qn" /f START /WAIT rundll32.exe iernonce.dll,RunOnceExProcess REG ADD %KEY% /V TITLE /D "Opening Post-Installation Software Pack" /f REG ADD %KEY%\001 /VE /D "Windows® XP Post-Installation Wizard" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\CMDBOX\WPI.EXE" /f START /WAIT rundll32.exe iernonce.dll,RunOnceExProcess REG ADD %KEY% /V TITLE /D "Finalizing Installation Tasks..." /f REG ADD %KEY%\001 /VE /D "Post-Installation Disk CleanUp" /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\CMDBOX\CLEANUP.EXE" /f START /WAIT rundll32.exe iernonce.dll,RunOnceExProcess EXIT Elaborate, if this is the root cause. If i remove calling multiple ierunonce.dll , then will this problem be removed? Thanks.

2Maverick I'm not bored at all, at least not my brain. I don't know what you think about this Forum a.k.a MSFN, and i don't know how do you pursue this forum search. I can tell My philosophy only! And that's it: By god's grace, all of us got our hand into something which is made and conceptualized by Microsoft. And their product is pretty good,if not brilliant, at doing what it was intended to do. Then why and for what we are roaming through this forum? MSFN as a forum is, of course to me, a platform where every passenger and every passerby only computes and disputes; where every discussion by members about Bill Gates' products are centered around Linus Torvalds' Dogma. Here what you leave behind is always paid back to you by someone who pays even remaining as distant as our North Pole is from our South Pole. Don't you feel our interactions has enriched ourselves so much that we get a chance to shower mutual respect towards each other? And if you agree, don't you agree everybody's UACD-ROM is the ideal place to digitize that? I'm here not only to take but also to give, and if not giving something is possible because of some reason, then i should acknowledge what i got and from whom. But, Maverick, this "boring" idea came to my mind not because of what i said right now. It is because we already have passed the starting of this bootable cd-rom in hands of Microsoft, that's a binding upon us. What ever we members done for this project is beginning after the beginning by Microsoft. Those 60 secs i really felt embarrassed that the ending also belongs to the ALMIGHTY. Why should it be? It should die its death, at our hands, peacefully, joviously and of course, silently. That should be its destiny. Do you agree? it's your choice, and if disagree, then it's simply Maverick's Choice. isn't it? @Fritz Saxi It's working? Voila!! Meet you tonight Fritz. Good Luck. ====MOON

@ Incroyable Hulk, thanks for the link. I've tried your idea much before i started this topic. it is from your priceless advice that i could hide $OEM$, WPI, etc. But i faced a problem. if anybody has an iota of info about the existence of a $OEM$ folder inside, he can enter into it from command prompt, by just CD $OEM$...and then with DIR, he can get all subdirectories at his mercy. I know you'll tell to hide subdirectories inside, but this way i had my $OEM$ folder not at all copied during setup. How to overcome this? BTW, can you suggest how i could use Encrypted Admin Password inside the winnt.sif file? Pls, find time to respond. ===MOON

@Fritz Saxi, Thanks for your kind response. We'll be grateful to you if you start compiling the flash movie. You are right, content of the movie should be dynamic as credits for members is really a preferential choice, so it must get feedback from a seperate text file. Until Now, only you came up in favour of this idea,but, i know in the end a lot of people will appreciate the flash movie. I mean APPRECIATION=INCORPORATION!!! One point though. i realise the text file would be complex, as i also want some input about the person to be acknowledged to be incorporated into the movie... some sort of introducing little bit of info about a person. I want it specially because after roaming through this forum i've got a lot of experience about a members' antics, what they do for living and from where they hail, etc. You've to guide us with the model Text file also. Let's GO! ===MOON

Yesterday , i was installing My UACD with the latest modifications that i seemed to include inside it. Installation ran fine, and finally at the Cleanup-Cum-Reboot stage, as usual, Shutdown.exe alerted me that the machine is going to reboot in 60 secs. I waited for these 60 secs, passing every second 1 by 1, staring at the window. Then, suddenly i thought, can we members, not be able to use these 60 secs in an intelleigent, artistic, and faithfull way? Then came this irritating idea in my mind. Is it possible to run an acknowledgement card moving vertically upward in a manner and pattern that we see used in movies and Games? A black screen of credits having information about how an individual members' Project is enriched by other members who helped him sitting lands and oceans away? What i want to say is, as a very senior member of International Institute of Dacoits, i am clever enough to steal, literally, efforts of others and pack into my UACD. Yeah, i want to remind myself of their efforts everytime those 60 secs are counted. In this forum, every member is helped by every other member in every other possible way. Is it not a fitting tribute to those who helped a particular UACD Project of a member. My problem is that i've the memory of an elephant. i still remember each and every member by their forum name whose advice and code is embedded in my UACD project. I hope you understand my point. An acknowledgement screen as the last part of things happening will be the fitting tribute that we all can give to all of us. if anybody finds it worthful, we can elaborate it further. Thanks, for this long reading.

Hi, Fellow Members! I have some questions which are, may be, already discussed and settled earlier. Here are they: 1. Is it possible to restrict viewing of winnt.sif from some unauthorised eyes? What i basically want is that winnt.sif will not be viewed in Windows explorer by opening with, say, Notepad.exe, at the same time Windows XP will not complain about its integrity during setup, as it sometimes does about txtsetup.sif. 2. In winnt.sif we can use EncryptedAdminPassword to use Administrative Password in under encryption. How to do that? 3. When during setup RunOnceEx.cmd runs actually. And when runs any command file or other file set earlier in [GuiRunOnce]. Which .cmd file is called upon 1st: RunOnceEx.cmd or the one set in under [GuiRunOnce] section. I ask this question specifically, because until yesterday My RunOnceEx.cmd file instructions were carried out after PC reboots (i.e. after XP setup removes any temporarily used files used during installation and then reboots the computer.), but from today RunOnceEx.cmd instructions get carried out at T-13 mark during install, although the only change that i've done is adding a command referrence in [GuiRunOnce] section. 4. Does cmdlines.txt or runOnceEx.cmd ever get copied to HDD during install? If yes, then how their traces are removed after setup reboots a computer. 5. Is it possible to pseudo-hide the CD Key in Winnt.sif?