• Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About mraeryceos

  • Birthday

Recent Profile Visitors

767 profile views
  1. Maybe what shows in the security catalogs, are the encrypted versions of the SHA1 hashes? They may be encrypted with a public key, and only MS would have the private key. I don't know, I'm just taking guesses.
  2. Maybe this: Not sure what a "section" would be.
  3. I took the hash of shell32.dll.mui, that I pulled from a zh-tw language pack File Version: 6.1.7601.17514 (win7sp1_rtm.101119-1850) Modified: Saturday, November 20, 2010, 6:21:18 AM MD5: 20AA0D4DB61152CBC4D9A96964A98A48 SHA1: 33217BEE852DAE99DD89CC62554F74EBAE8A960C CRC32: 723E04A0 I searched for the SHA1 within all the files in the No result. I opened one cat file at random, then copied one of the hashes from it, and searched again in for this hash string: result is the cat file from which I copied the hash. Maybe they don't include the PE headers in the hash calculation?
  4. The hashes in the Security Catalog, are SHA1 in length
  5. Hopefully with the last edit, what I was trying to say makes sense!
  6. I calculated SHA-1, using a program called Hash. I searched for the this hash inside the cat files, using a program that searches within files, but can't find it. If I search with this program for a hash I know is in one of the cat files, I can find it
  7. When I take the hash of a file, and compare it with the hash in the Security Catalog, it doesn't match up. Maybe the hash listed in the catalog is not of the whole file, just important parts of the file? If so, is there a tool that will calculate the hash in the Microsoft way? I could use makecat, but it is a pain having to make a text file before getting the hash. I haven't tried it yet, so neither do I know if it will work. Also, I can see a list of hashes in the cat file, but I don't know the corresponding filenames. Is there a cat file viewer that lists the filenames that correspond with the hashes?
  8. The goal for me, was to have less use of system resources. So my thinking, was that in not having something installed, there would be less chance that unwanted processes/actions would run in the background. For example, installing a component, might register an additional service, using memory and cpu cycles. If I don't need that service, why install? Just copy the files over, in case some app had a dependency on a particular file the component has. This is my thinking, but I don't know to what extent it is correct.
  9. expand -r /switch Where switch means, don't dump the files all in the same folder. Nest them where they would go. See attached 32 bit example.
  10. Is there a way to extract component cab files into a directory structure (as they would sit in the windows directory, but in a separate folder), that would make it easy to just copy-paste the files of a component into the windows directory? It would make it easy to experiment if Windows needs the registry entries for certain files, or if it will work with the files just placed into system32 and so on. For example, I can get by without installing the component "security base". Without the files manually copied from security base into the windows directory, I can't use regedit to merge a reg file. With the files in place, but not installed, I can. Come to think of it, I don't know if "security base" is a win7 component. I am working with Windows Embedded Standard 7: I just use it at home for my own system. It was my choice to use it as an alternative to 7customizer, rt7lite, etc.
  11. Bump
  12. Ok, you can attach *.zip files, but not *.log files. Makes more sense to attach all the logs anyway.
  13. On Windows 7, the flash drive was auto-formatted with FBinst. [/] align [/] copy BPB, fat32. The flash drive worked ok. After using it a few times, I went to add another OS and it gave the MBR error message. Trying to upload the log files: Error You aren't permitted to upload this kind of file I reduced it to 93KB, but still no... .
  14. cd\ cacls "system volume information" /t /g everyone:f rd /s /q "system volume information" I then create dummy file "system volume information" and modify the ACE to be: deny full control to nt service\trustedinstaller deny full control to system I set {computer}\administrator as owner Result: "system volume information" folder gets recreated anyway! (upon restarting the system, for example) How is this possible?