perlabsrat

Member
  • Content count

    27
  • Joined

  • Last visited

Community Reputation

0 Neutral

About perlabsrat

Profile Information

  • OS
    Windows 7 x64
  1. Using wevtutil al <FileName.evtx> worked for me. One thing I did not understand was the syntax of the [/l:<LocaleString>] I tried using: /l:409 /l:1033 and /l:en-us Since it worked without the need to specify that switch I am ok now but i am courious what the syntax of this switch is supposed to be..
  2. Hello, I have been searching the web and cannot seem to find a good answer on this. I sort of understand the cause but need some help on the solution. I use the following command to export windows system logs. I want/need them to be in evtx format for later use. wevtutil epl system c:\SystemEvents.evtx The goal is to send them to other people which will not be viewing them on the same server. This of course cause the full event text to not be part of the exported log and the user will see something like this: The description for Event ID XXX from source Server Administrator cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: I was reading this page: http://technet.microsoft.com/en-us/library/cc749339%28WS.10%29.aspx and found this snip of info in it: I do not understand what location (or process) this statement is referring to. There is no LocaleMetaData folder anywhere on the server so I am assuming that I need to somehow create and export some additional data along with the evtx file for it to then re-merge back on the viewing system. Am I on the right track here and could someone tell me how to fully export the event log this with will full verbose messages? Thanks.
  3. Yes that is the goal here. There are plenty of macro applications but I am looking for a way to simply replace this key stroke with another app. Thanks.
  4. I have been searching here and on the web for a way to change the default action of pressing WIN+E. most "solutions" refer to using AutoHotkey and a slew of reg hacks that dont seem to work. Without using any 3rd party utilities does anyone know of a way to run say calc.exe when the user presses Win+E under win7 ? Thanks.
  5. Right but even with /f used there are still times where the system will hang at that dialog. There are even times were i disconnect the RDP, then go to the remote system and logon and do a shutdown and with no RDP connection it still tells me that people may be connected. What i am trying to figure out is a way to bypass the check for existing connections. Thanks...
  6. Hi, I use RDP on some XP machines and use shutdown.exe via a batch file on the remote system to either reboot or shutdown the systems. The problem i get some time is the action is halted by a dialog stating "other people are connected to this computer". Is there a reg hack or some other option to bypass if it prompts me? Thanks...
  7. Does the xml need to be injected in the wim images or is this a file that gets dropped somewhere on the server?
  8. None of the installs are unatended, I need the uesrs to go through the manual steps of performing the install for the type of work we are doing. I am just looking for a hack to bypass the need to authenticate on the pxe/wds server before picking what OS to install. Thanks.
  9. I have a server running 2k8 and WDS so we can do PXE installs. I am wondering if there is a way to bypass the need for typing in the server name and a user/pass to logon. We do not need the security in our lab and I would like the server to be open to anyone who hits it. Currently we do the following steps: Step1: User boots server Step2: User hits F12 at 'Press f12 for network service' prompt Step3: User selects X86 or X64 depending on preference Step4: User chooses language, clicks NEXT and is then prompted for domain\user Idealy I would like to not be prompted for the domain\user but even if all they had to do was hit enter at this screen would work. Does anyone know if this is possible? Thanks...
  10. I was wondering if there was a way after the os is installed and without using the gui to "ADD Features" that I could script an install of SNMP. I already have a reg file with the settings but I need to find a way to install the components as well with no user interaction. Does anyone have any idea on how to do this? Thanks.
  11. Like this perhaps? Switch -HP[pwd] - encrypt both file data and headers -------------------------------------------------------------------------------- This switch is similar to -p[p], but switch -p encrypts only file data and leaves other information like file names visible. This switch encrypts all sensitive archive areas including file data, file names, sizes, attributes, comments and other blocks, so it provides a higher security level. Without a password it is impossible to view even the list of files in archive encrypted with -hp. Example add the file report.txt to the encrypted archive secret.rar using the password 'fGzq5yKw' WinRAR a -hpfGzq5yKw secret report.txt
  12. Try Magic File Renamer - http://www.finebytes.com/mfr/ look up the function called "Replace List" then you can put each char in a txt file and have it replace the string(s) when found
  13. Hello, I'm playing with XP Tablet PC and trying to use an sif in the i386 dir of cd1 to do an unattended install. The install works fine, all my settings are applied, however it will not prompt me for cd2 so I end up with a plain XP install with no tablet addons. I worked around this by re-inserting the cd1 and it let me do an upgrade inside windows. Then it did the disk prompt for cd2 but this is lame to have to do the install twice. Any tips on why the 2nd cd was not called for and what could be done?
  14. Its been a while since my last post on this topic. I'm still searching for a firewall that will allow for this level of granularity when auto generating rules. I have looked into all the replies to this thread and each suggested firewall was lacking on one way or another. So if anyone else has any other suggestions i would appreciate the feedback...
  15. I tried Clipboard Magic for a while but it kept crashing so I had to abandon it. Ill look at some of the others posted here and see what works best for me.