Tripredacus

Interesting, I know of a DOS game that doesn't poll the clock, but only once when the program is launched. If you leave it open for over 12 (or 24) hours, the time will go over 24:00. I've seen it over 38:00 but I learned to just not run the game for that long. I do not know if the clock is used for any calculations, it seemed to work normally on the wrong time.

You'll need to trace or debug the application to see what it is looking at to determine what OS is on the host.

Is there any particular reason why the current name "New Moon" is not a poll option and (apparently) cannot be used?

Welcome to the MSFN!

This current trend of spammers creating copy topics and posts is starting to get annoying.

Disable "Controlled Folder Access" in Defender. ref: https://www.tenforums.com/performance-maintenance/129008-chkdsk-f-fails-unspecified-error-occurred.html

I am on Windows 7, but look at the second line of the link I posted. To me (at least) the cacls explanation for usage is laid out easier than that on the icacls page. However, icacls doesn't support SDDL like cacls does.

You should be able to get into the bios setup with no HDD installed. Since it is a notebook try this. Power it off. Remove the battery and unplug AC adapter. Remove HDD. Press power button. Reconnect AC adapter but leave battery out. Turn on and see if you can get into bios. It might take a few tries. Just so you are aware, a misuse of terminology happened here. It is best to point it out because it can cause confusion in certain circumstances. UEFI is a firmware type and a booting method. A disk cannot be UEFI. It can have a GPT disk type as well as an EFI boot application, which will only boot on UEFI firmware or firmware with UEFI support.

Welcome to the MSFN!

Take a look at this Answer: https://answers.microsoft.com/en-us/windows/forum/windows_7-hardware/windows-couldnt-automatically-bind-the-ip-protocol/a2f074cf-be62-435e-b951-42dfbb9351c2 I also have read that some antivirus programs can prevent he binding to occur.

I suspect ACL issues. The security context that Paint runs under may be different than with the Office Picture Manager. Windows Explorer isn't always accurate when showing whether a file is read-only or not. I would recommend going to the command prompt and using attrib to see. Example: E:\Brute!\msfn>attrib installer.bat A E:\Brute!\msfn\installer.bat E:\Brute!\msfn>attrib remover.bat A R E:\Brute!\msfn\remover.bat E:\Brute!\msfn>attrib -r remover.bat E:\Brute!\msfn>attrib remover.bat A E:\Brute!\msfn\remover.bat E:\Brute!\msfn> The attrib command is only showing the file system attributes, A is archive, R is read-only. Two others may appear S for system and H for hidden. Any user accoun in the Everyone group should be able to change any file with A or H attributes. R cannot be changed by anything, and S may only be changed by an Administrator account or one of the security contexts. You can then use cacls to view the security priveledges of files: E:\Brute!\msfn>cacls remover.bat E:\Brute!\msfn\remover.bat BUILTIN\Administrators:(ID)F NT AUTHORITY\SYSTEM:(ID)F NT AUTHORITY\Authenticated Users:(ID)C BUILTIN\Users:(ID)R In the above example, R is Read, C is change and F is full control. An account in the Administrators group can do anything with this file, but an account in the Users group would only be able to read it. An account in the Users group would recieve a message similar to what you had gotten, that the file already exists and cannot be saved, that the file is read-only and/or that you can save it with a different file name. You can use cacls to grant permission to files or directories. https://ss64.com/nt/cacls.html

It is probably because the enhanced security mode is enabled by default on IE on Server OS. With luweitest PoC above, does this always depend on creating an ActiveX control? If so, aren't we well past the point of even thinking of having ActiveX enabled on a device that can access the internet?

The Pittsburgh Penguins tweeted a video about how watching videos online in the 1990s was like and besides not showing 240i RealPlayer videos, they also think Windows XP was the predominant OS of the era.

On the old version I had downloaded, the sample ULs inside of the ULz (you can open those with an archiving program) have links to microsoft.com.

I use it, but on Windows 10. It is an actual program, not something I ever have run in a browser. I recommend you do not use that method of hiding details. Use solid block pen type, use Black or similar color to the text you are trying to hide. Using red in this way means you can easily use a "decoder" image to view and get the text underneath.

If it were me, the 0patch solution is no solution at all, as long as it requires communicating with an external web server that may some day disappear from the internet.

This is a copypasta of this post, for whatever reason: https://msfn.org/board/topic/177638-need-help-getting-error-failed-to-set-data-for-start_searchprograms/ The answer, which apparently is not on the original thread, is: "Do not use compatibility modes on program. Find Start_searchPrograms value in your registry and delete it." Which comes from this page which also has the same exact question: https://muut.com/i/startisback/general:need-help-getting-error-fa

You can also run a trace on Internet Explorer to see if you can find any errors when trying to process a page. I would create a .htm file with just a .png sourced in the body. Open Internet Explorer and set it to about:blank. Then open Procmon and set iexplore.exe to included processes. Put the path to the .htm into the address bar, start the procmon trace, then press enter on the address bar. After the page quickly loads, stop the trace and save the PML. You can then look for yourself, but if you need help looking at that output, you can zip the PML and attach it here.

Regsvr32 will give this error if you attempt to load a file that cannot be registered with Regsvr32. It says that in the message, the "no entry point" part means that the DLL is not designed to be registered. So this error is normal. Unless, regsvr32 cannot register any DLL, then that would be a different story.

That IPv6 seems to be reserved, or part of the route and not the destination. You could disable IPv6 and then perhaps have a better understanding of where the program goes... or you can look at the UL you are using and see the links to the updates are right in there.

Moved to software hangout.

It doesn't hurt to try. The problem with a WinPE is that it will acknowledge ACLs on files and folders, especially where the folders match protected ones and accounts or security contexts that also exist in the WinPE. It is because WinPE will still have the underlying security components that the full Windows OS does. So as a result, some files may still be locked or not even visible to a WinPE just as it would be in the full OS. That is why the best method (for outside of the OS work) is to use an OS that supports NTFS but does not have those security components. Otherwise, whether you are in a WinPE or in the full OS, you would need to use some tool such as the ones above to run under a different security context or account. It could still be done manually by changing the ACLs, change the file, and then set the ACLs back but it is quite tedious.

"Step 1: Log off from the current account by pressing Windows+L." That shortcut doesn't log off the account, it is for locking the workstation.

There is some difference, as you need to use files from 98SE, ME or one of those patches to get USB 2.0 to work on Win98FE.

IIRC TrustedInstaller is a security context and not actually a user. If you really need to make the file change with the OS booted, you can try to run a CMD as SYSTEM (Local System) and see if that grants you a high enough priveledge to make the file change. Here is a tool from NirSoft that should give you the ability to run something as system (among others): https://www.nirsoft.net/utils/advanced_run.html Even so with a CMD as system, file attributes may prevent a file change. If the file is not in use, you can Move it out of that folder, and then move the replacement file into that folder. This way, there is no over-write. You may have to use attrib on the file to get it out of there. If you can do this work outside of the OS, such as from DOS or Linux, you won't have to be worrying about ACLs. If you do the work from inside WinPE, you may run into the same problems as with the OS.