Tripredacus

Instead of running the virus scan, you can run hijackthis or an adware scanner instead to see what the cookie is.

Its possible that your MBR is busted. Usually this message you are getting means that your computer can't find the hard drive. The PXE error is because you have network boot enabled but there is no DHCP-Relay server on your network. By putting it in another computer, do you mean you tried booting off it, or use it as a data drive?

I posted the link to that HTA because Geezery used a COM Object to get the info from the WIMs, which may have been the same info you wanted to get.

You usually get this message, not because the ntoskrnl.exe is missing but likely one of its dependencies got removed, moved, corrupted or was updated by a third party. In other words, ntoskrnl needs other files to load, but if they are missing or aren't correct, it can't. Then when the next step in Windows load process looks for ntoskrnl and it isn't running, it says that it is missing. If you are lucky, yes you can replace the ntoskrnl using the one on the Windows CD. You may have to make use of the EXPAND program, and either use NTFSDOS or the Recovery Console. Also, if you happen to be on a network, you may be able to replace the file that way, but only until you change its attributes. I believe those would be -R +A -S -H. But you would have to reverse that after replacing the file, so +R -A +S +H.

You might need to use Microsoft Update (its different than Windows Update), or do a search in MS Downloads. http://www.microsoft.com/downloads/Search....?displaylang=en

Well it isn't always because of the HAL. XP will usually work with the incorrect HAL loaded. What it probably is the mass storage controller, but no one can say for sure unless the exit code on the BSOD is posted. Your best bet, starcraftmaster, is to use that drive as a data drive.

If it shows you MUP.sys that means it loaded properly. The file that is causing the problem is what loads after MUP.sys. You could try a repair install of Windows if you are concerned about keeping your settings.

Where did it find it, what was it called, and what was in it?

Is Juno still around?

You might have to sysprep first, hopefully both boards have the same revision. XP shouldn't care so much but Vista will.

Copy the SDB and SDBINST into your PE WIM. You might want to run Depends on SDBINST to see if it requires any files that aren't in the PE. If so copy those in there too. If any are OCX or DLL you might have to run regsvr32 before running the command down there. Boot into the PE. So run this command from your PE sdbinst c:\windows\apppatch\100apps.sdb -q I am not saying that this will work, but it would be how I would test to see if it works.

It should be the same as long as you are using the same filesystem for both methods.

From the "Unattended Windows Setup Reference" Otherwise, you can script your pre-install using Diskpart to always create that drive letter for an additional volume.

This information IS available, but only if you have access to it. For example, I have access to MSOpen and the OCE, most people don't. Which is why when I talk about things like OfficeReady, people can't find information about it. Its the same idea. Its out there but sometimes you need an account to see it.

Do you mean the back button on the browser or the mouse? What happens if you use the backspace key?

Yea it doesn't like using two different credential sets to log into one server. You shouldn't need to do it that way, just make a new user with access to the other folder or adjust the permissions on the one you are using already. Good to see you've fixed it. I hadn't set a password like that before.

It appears that DllNXOptions key is a list of DLLs known to be incompatible with DEP. As a test, adding the above registry keys, setting to 0, that w3wp.exe had tried to locate before. Now, again receiving Access Denied warning for w3svc. This happens before the event logging the stop portion of the IIS Restart occurs. This error may be a false positive. Here is a timestamp comparison: 11/11/2008 - 15:46:50 - W3SVC: DefaultAppPool terminated unexpectedly, access denied 11/11/2008 - 15:46:50 - W3WP: crashes with w3core.dll 11/11/2008 - 15:46:58 - IISCTLS: stop command logged (iis restart) 11/11/2008 - 15:47:03 - IISCTLS: start command logged (iis restart) Based on just these event logs, it would appear that when you use the IIS CPL to restart IIS, it does not properly stop servicing the Application Pools. When the listener suddenly finds that the resources it requires have gone missing (because Windows is restarting IIS) the application crashes. Note, that it does actually start up again without a problem, so this specific message might be possible to ignore altogether. So using ProcMon data when trying to view a PHP page in IE, after these changes have been made. There is no page being displayed, but there are more events logged by ProcMon. w3wp.exe now is able to find the new registry entry that was added, of course the value is 0. All other keys in that section have a 1 as their value, and it does actually start reading the php5ts.dll. Changing this value to 1. Now it appears that it doesn't read the files as much, in fact only once. New dump information. Adding kernel32.dll to ProcMon. Additional infos from ProcMon: w3wp.exe NAME_NOT_FOUND c:\windows\system32\inetsrv\w3wp.exe.Local w3wp.exe NAME_NOT_FOUND HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\kernel32.dll w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\RpcThreadPoolThrottle To continue fighting this blasted thing... yes I am now realising that I could possibly be destroying my computer here. I might add at this point that I've been trying to get this IIS and PHP working on my production computer. Not one of the test machines that I have discussed in the Unclesocks thread. Nope this computer (SKYLYNX) is my regular one... At least all my data is kept on a separate drive hee hee. Going to add the RPCThreadPoolThrottle settings. As a default, using these: http://support.microsoft.com/kb/267255 Is there ever a time where ANYWHERE in the Windows Registry, you found a helper key to show you how to do something? In the Image File Execution Options key, there is another that says "Your Image File Name Here without a path". Well adding these options came up with a WHOLE bunch of other stuff it couldn't find... w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\ExecuteOptions w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\DisableHeapLookaside w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\ShutdownFlags w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\MinimumStackCommitInBytes w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\GlobalFlag w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\ShowRecursiveDllLOads w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\BreakOnRecursiveDllLoads w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\ShowLoaderErrors w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\BreakOnInitializeProcessFailure w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\KeepActivationContextsAlive w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\TrackActivationContextReleases w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\MaxDeadActivationContexts w3wp.exe NAME_NOT_FOUND HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\w3wp.exe\DebugProcessHeapOnly That's it for today!

I tried posting on DevShed (my old hangout before here) but have found they aren't as good as they used to be. This place is much better. I gots a couple new errors to deal with here. Source: Application Error Event ID: 1004 Description: Reporting queuing error: faulting application php.exe, version 5.2.5.5, faulting module php5ts.dll, version 5.2.5.5, fault address 0x0009a0fd. Source: W3SVC Event ID: 1009 Description: A process serving application pool 'DefaultAppPool' terminated unexpectedly. The process id was '600'. The process exit code was '0xffffffff'. A possible lead: http://support.microsoft.com/kb/918041/en-us Added NETWORK SERVICE account to the IIS_WPG User Group. Now running Filemon on php.exe and w3svc.exe. Added permissions for IIS_WPG to PHP regkeys. Restart IIS. Added php5ts.dll, w3wp.exe, w3core.dll to filemon include list. Removed W3svc.exe. Restart IIS. Remarked out PHP_APC (Alterative PHP Cache) which has been reported to having a problem with multi-threaded environments. [PHP_APC] ;extension=php_apc.dll http://bugs.php.net/bug.php?id=41471 After trying to view the page in IE8, I am getting a couple NAME_NOT_FOUND messages in ProcMon. Both are RegQueryValue. In this regkey (DllNXOptions) there is no line for either of these items. This was executed by the w3wp.exe process. Added c:\windows\system32\inetsrv\w3wp.exe to the DEP exception list. This adds an 'IIS Worker Process' option to the list. Adding PHP.exe to the DEP exception list, which appears as CLI. Restarting to see if DEP changes require it.

I wish I could. Is there a mirror for this article somewhere? I can't go to that site right now. I was surprised late last week when I discovered there was such a thing as a Dual Core Celeron... Hopefully Intel's new idea is better than that one.

Has anyone determined if the WinPE supports the Application Compatibility Toolkit? http://forums.microsoft.com/TechNet/ShowPo...0&SiteID=17

Two NICs are showing up. Make sure you have the correct one connected. The first, I can tell just by looking at it: VEN_10EC&DEV_8169 is the Realtek RTL8169 gigabit controller. The second, VEN_8086&DEV_1038 is an Intel NIC. DriverPacks shows that the INF used for this device is e100b325.inf. However you probably shouldn't use the one from the XP DriverPacks (the one that I have downloaded) but use the Vista driver. To be safe, peimg both drivers into your WinPE.

Here's a starter. It refers to the serial number, but I am sure you can do it for the asset tag instead. http://www.msfn.org/board/scripting-comput...na-t110732.html

Whether it is formatted or not, you will need to have the Mass Storage driver in your Windows install. Having it formatted ahead of time doesn't change this requirement. It is so Windows can see the drive in the first place.

This isn't necessarily true. There are certain aspects of AD that will apply without a reboot. Perhaps it isn't supposed to do that, but some permissions do not require a reboot. An example would be to change a user into the Remote Desktop group without a logoff, it will allow the user to logon to Remote Desktop if previously disabled.

I do know that your script will always generate an error if there is no username given. You need to make it so if no username is given, then it doesn't attempt to connect to the share that requires it. You can set up audit rules for both the client and the server. Have it audit failed logon attempts. Of course you can only do this if you have access to the Group Policy Object Editor, which only is in Vista Ultimate and Business, but should be in 2003 or any other OS you might have on the server.