Crashing Windows 7 using batch - windows

I came across this link: https://vmxp.wordpress.com/2014/10/29/stress-testing-an-esxi-host-with-windows-server-vms/
Since I am not so good at PowerShell, I turned the whole thing into a simple batch script:
:loop
start testlimit64 -d
timeout /t 15
taskkill /f /im "testlimit64.exe"
timeout /t 9
goto loop
Note that I got into the SYSTEM account before doing that using PsExec. The system I am using is a VM under ESXi. But nothing is happening; even the VM is not crashing. My aim is to crash the whole ESXi server.
I have two VMs under the ESXi and I ran the above scripts in both of them.
Still no luck. Am I missing something?

Windows 2000 Feature Allows a Memory.dmp File to Be Generated with Keyboard
Q244139
The information in this article applies to:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.
SUMMARY
Microsoft Windows 2000 includes a feature that enables you to have the system stop responding and generate a Memory.dmp file (if configured to do so). The "Stop" screen that generates contains the following parameters:
*** STOP: 0x000000E2 (0x00000000,0x00000000,0x00000000,0x00000000)
The end-user manually generated the crashdump.
MORE INFORMATION
WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.
For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT or Windows 2000, you should also update your Emergency Repair Disk (ERD).
This feature is disabled by default. To enable this feature, you must edit the registry as indicated below and restart the computer. After restarting the computer, you can generate a system to stop responding by holding down the right CTRL key and pressing the SCROLL LOCK key twice. Pressing left CTRL key does not generate the system to stop responding.
Please note that the steps below will not work on Legacy Free computers, i.e., those that use a USB keyboard. For those, you must attach a debugger.
Start Registry Editor (Regedt32.exe).
Locate the following key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters
On the Edit menu, click Add Value, and then add the following registry value:
Value Name: CrashOnCtrlScroll
Data Type: REG_DWORD
Value: 1
Quit Registry Editor.
For USB keyboards a USB one was added in a later OS. This sets Left Ctrl + Space, Space for both USB (kbdhid) and PS/2 (i8042) keyboards.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\crashdump]
"Dump1Keys"=dword:00000020
"Dump2Key"=dword:0000003D
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\crashdump]
"Dump1Keys"=dword:00000020
"Dump2Key"=dword:0000003D
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters]
"CrashOnCtrlScroll"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters]
"CrashOnCtrlScroll"=-


Changing Local Policy "Prevent installation of removable devices" in CMD

How do I edit Group Policy Object "Prevent installation of removable devices" (https://technet.microsoft.com/en-us/library/cc753539(v=ws.10).aspx) in CMD?
I have a server (Windows Server 2008 R2) that is locked out, as I am unable to use a keyboard or mouse as input devices when the Windows login requires me to press Ctrl+Alt+Delete. This Policy is the one causing this locked out situation as the old keyboard and mouse which I am trying to solve.
Current situation only allows me to use CMD to make changes to the system when I boot up with a bootable CD.
My server doesn't have PS2 port for the old type keyboard. Any other solution that can help me solve this locked out situation is also welcome :)
"Prevent installation of removable devices" is part of "Administrative Templates" and therefore corresponds to a Registry key.
To find out that registry key, I searched for "Prevent installation of removable devices" within C:\Windows\PolicyDefinitions\en-US\, found <string id="DeviceInstall_Removable_Deny">Prevent installation of removable devices</string> in C:\Windows\PolicyDefinitions\en-US\DeviceInstallation.adml. Then I searched for DeviceInstall_Removable_Deny in C:\Windows\PolicyDefinitions\ and found it in C:\Windows\PolicyDefinitions\DeviceInstallation.admx. The registry key is:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions
valueName: DenyRemovableDevices
enabled Value: decimal 1
disabled Value: decimal 0
If you change that value, it will be overridden when the group policy is applied the next time -- most likely at boot time.
According to http://learnthat.com/prevent-group-policy-from-applying-to-your-computer/ you can avoid this by denying write permissions to that specific registry key. (Note, I did not test this!)
To change the registry offline, you can boot from a Windows install CD, press Shift+F10 simultaneously to open cmd, type regedit, select the HKEY_LOCAL_MACHINE key, click Menu File -> Load Hive..., navigate to your installation's \Windows\System32\Config\ folder and select the file named SOFTWARE.
Choose any key name that doesn't already exist (e.g. Offline_Software) and then change the registry under that key (e.g. HKEY_LOCAL_MACHINE\Offline_Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions).
When you're done, select your loaded Hive (e.g. HKEY_LOCAL_MACHINE\Offline_Software) and click File -> Unload Hive...
To shutdown properly, just close all windows, including the setup window.
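The lookup this answer walks through (display name to string id in the .adml, string id to key and value in the .admx, then the path under the loaded offline hive), as an added Python example that is not part of the original answer. The two XML samples are constructed from the values quoted above, and the function names are illustrative.

```python
import xml.etree.ElementTree as ET

# Constructed stand-ins for DeviceInstallation.adml / DeviceInstallation.admx.
# The id, display name, key, value name and 1/0 data are the ones quoted in
# the answer; the XML layout around them and the second entry are assumed.
SAMPLE_ADML = r"""<policyDefinitionResources>
  <resources><stringTable>
    <string id="DeviceInstall_Removable_Deny">Prevent installation of removable devices</string>
    <string id="Example_Other_Policy">Some other policy (constructed)</string>
  </stringTable></resources>
</policyDefinitionResources>"""

SAMPLE_ADMX = r"""<policyDefinitions>
  <policies>
    <policy name="DeviceInstall_Removable_Deny" class="Machine"
            displayName="$(string.DeviceInstall_Removable_Deny)"
            key="Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions"
            valueName="DenyRemovableDevices">
      <enabledValue><decimal value="1" /></enabledValue>
      <disabledValue><decimal value="0" /></disabledValue>
    </policy>
    <policy name="Example_Other_Policy" class="User"
            displayName="$(string.Example_Other_Policy)"
            key="Software\Policies\Example" valueName="ExampleValue" />
  </policies>
</policyDefinitions>"""

HIVES = {"Machine": "HKEY_LOCAL_MACHINE", "User": "HKEY_CURRENT_USER"}

def local(tag):
    """Drop the '{namespace}' prefix that elements in real files carry."""
    return tag.rsplit("}", 1)[-1]

def string_ids(adml_text, display_name):
    """ADML step: ids of the strings whose text is the policy's display name."""
    wanted = display_name.strip().casefold()
    return [el.get("id") for el in ET.fromstring(adml_text).iter()
            if local(el.tag) == "string"
            and (el.text or "").strip().casefold() == wanted]

def decimal_of(policy, wrapper):
    """Read <enabledValue>/<disabledValue><decimal value=.../>; None if absent."""
    for child in policy:
        if local(child.tag) == wrapper:
            for value in child:
                if local(value.tag) == "decimal":
                    return int(value.get("value"))
    return None

def offline_key(key, mount="Offline_Software"):
    """Same key once the SOFTWARE hive is loaded under HKLM\\<mount>, else None."""
    head, _, rest = key.partition("\\")
    if head.casefold() != "software":
        return None  # key lives in another hive file (e.g. SYSTEM)
    return "HKEY_LOCAL_MACHINE\\" + mount + "\\" + rest

def lookup(adml_text, admx_text, display_name):
    """Display name -> list of registry settings the policy writes."""
    refs = {"$(string.%s)" % sid for sid in string_ids(adml_text, display_name)}
    found = []
    for el in ET.fromstring(admx_text).iter():
        if local(el.tag) == "policy" and el.get("displayName") in refs:
            machine = el.get("class") == "Machine"
            found.append({
                "policy": el.get("name"),
                "hive": HIVES.get(el.get("class"), el.get("class")),
                "key": el.get("key"),
                "value_name": el.get("valueName"),
                "enabled": decimal_of(el, "enabledValue"),
                "disabled": decimal_of(el, "disabledValue"),
                # Per-user policies are not stored in the SOFTWARE hive file.
                "offline_key": offline_key(el.get("key")) if machine else None,
            })
    return found

if __name__ == "__main__":
    name = "Prevent installation of removable devices"
    for hit in lookup(SAMPLE_ADML, SAMPLE_ADMX, name):
        for field, value in hit.items():
            print("%-12s %s" % (field, value))
```

To run it against a real installation, pass the contents of the .adml and .admx files named in the answer instead of the samples.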

oleaut32.dll registry becomes corrupted

This issue is the biggest headache I deal with currently.
I have a VB6 application that receives an external data feed that I inherited a couple years ago from its original developer. It runs on a remote server and will run fine for a month or so and then suddenly crash every time it starts up. When this happens, I look in the Event Viewer and see that the oleaut32.dll has "faulted". The fix I have discovered is to re-register the dll. The application then starts up and runs without issue. But then, inevitably, the whole issue will rise up again after a few months.
The research I have done indicates a number of issues that could cause this (malware, patches, etc.) but getting called at home every few months when this application fails again is getting old and tiresome.
Any ideas out there on how to alleviate a problem like this?
I would love to re-write the application in a higher level language, but that is not feasible right now for a number of business reasons.
VB6 is a higher level language. A lot of people ask us Basic people for help, yet slag our language while doing so.
In Task Scheduler set a task to run when that event message is generated.
so in a batch file
regsvr32 oleaut32
"c:\some folder\your vb6 program.exe"
But always include the full error message. It might mean something to me.
I would also test that server for hardware faults.
To See if a Fix is Available
In Control Panel (and select Classic view in the left hand pane) choose Problem Reports and Solutions (type problem in Start's search box), go to Problem History, right click your error and choose Check For Solution. You may also right click and choose Details for more info. Post those details here.
To See if a Recent System Change Caused It
In Control Panel (and select Classic view in the left hand pane) choose Administrative Tools then choose Reliability and Performance Monitor and choose Monitoring Tools then Reliability Monitor (type Reliability in search on Start) . This list is a chart of software installs, uninstalls, Windows updates, and crashes by date (scroll left to see earlier dates). See if your crashes started happening after you installed or uninstalled something.
Standard Hardware Troubleshooting
First let's test what hardware we can. Hardware faults can appear as many software faults, therefore we need to test hardware first.
Please do the following in order. Memory faults can cause disk corruption, disk faults can cause disk corruption. Disk corruption causes corrupted files (which SFC may be able to fix). If you get a hardware error stop and post back. Do not run chkdsk with faulty memory.
Memory Diagnostic
If you haven't run a memory diagnostic then please do so. Click Start - Control Panel - choose Classic View in left hand pane - choose Administrative Tools - then Memory Diagnostics Tool.
S.M.A.R.T
Start - All Programs - Accessories - Right click Command Prompt and choose Run As Administrator. Type (or copy and paste by right clicking in the Command Prompt window and choosing Paste).
Disk drives in Windows monitor themselves for impending failure. The feature is called S.M.A.R.T. It will detect impending failure 30% of the time. In an elevated command prompt type (it's one line)
wmic /namespace:\\root\wmi PATH MSStorageDriver_FailurePredictStatus get active,predictfailure,reason /format:List
If it's on Active will be true, if not on turn it on in the computer's BIOS.
Predict Failure should be False if everything's ok. There are two reasons.
0 Unknown
255 Test - Not a failure
In Vista and later if SMART predicts failure Windows prompts the user to run Backup.
Run Chkdsk
In Computer right click all your drives and choose Properties, then Tools tab, then click Check Now. Tick BOTH checkboxes then Start. Reboot. This will take overnight.
SFC
Check for file corruption by clicking Start - All Programs - Accessories - Right click Command Prompt and choose Run As Administrator. Type (or copy and paste by right clicking in the Command Prompt window and choosing Paste).
sfc /scannow
Heat
Heat can cause problems like this and also sudden reboots without crashing. Ensure your fans are not clogged with dust.
Processor (CPU)
Intel has a utility to check processors.
32 Bit Windows
https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=19791
64 Bit Windows
https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=19792
For Memory Diagnostic Results
Click Start - Control Panel (and select Classic view in the left hand pane) choose Administrative Tools then Event Viewer then look at Event Viewer (Local) - Applications and Services - Microsoft - Windows - MemoryDiagnostic-Results for entries.
Look for EventID is 1201 or 1101 and Source is MemoryDiagnostic-Results
Double click the entry for details on that entry.
For Chkdsk Results
Start - All Programs - Accessories - Right click Command Prompt and choose Run As Administrator. Type (or copy and paste by right clicking in the Command Prompt window and choosing Paste).
edit c:\bootex.log
Does this file exist with something in it?
The following commands query the event logs.
For boot time checking using source name for any Windows version (as it varies).
wmic /append:"%userprofile%\desktop\DiskEvents.html" PATH Win32_NTLogEvent where (sourcename='Autocheck' or sourcename='Winlogon' or sourcename='WinInit') get /format:HForm
For running chkdsk within Windows.
wmic /append:"%userprofile%\desktop\DiskEvents.html" PATH Win32_NTLogEvent where (sourcename='Chkdsk') get /format:HForm
For warnings about disk problems detected during normal operations and automatic repairs made by Windows at the time the problems were discovered.
wmic /append:"%userprofile%\desktop\DiskEvents.html" PATH Win32_NTLogEvent where (sourcename='NTFS' or Sourcename='Disk') get /format:HForm
Then to view the file created.
start "" "%userprofile%\desktop\DiskEvents.html"
Click Start - Control Panel (and select Classic view in the left hand pane) choose Administrative Tools then Event Viewer then look at both the Application and System logs (under Windows Logs) for entries.
Look for EventID is 7 and Source is Disk
Look for EventID is 11 and Source is Disk
Look for EventID is 50 and Source is Disk
Look for EventID is 51 and Source is Disk
Look for EventID is 52 and Source is Disk
Look for EventID is 55 and Source is NTFS
Look for EventID is 130 and Source is NTFS
Look for EventID is 134 and Source is NTFS
Look for EventID is 137 and Source is NTFS
Look for EventID is 1001 and Source is Autochk
Look for EventID is 1001 and Source is Winlogon
Look for EventID is 1001 and Source is WinInit
Look for EventID is 1001 and Source is Chkdsk
Look for EventID is 26212 and Source is Chkdsk
Look for EventID is 26213 and Source is Chkdsk
Look for EventID is 26214 and Source is Chkdsk
Double click the entry for details on that entry.
P.S. 7 and 55 are the auto repair codes where windows repairs disk errors silently on the fly. 52 is the SMART warning.
If the results don't get transferred to the event logs from a boot time chkdsk then the results are probably in the following file c:\Bootex.log. This file gets deleted when the results are moved into the event logs.
For SFC Results
Start - All Programs - Accessories - Right click Command Prompt and choose Run As Administrator. Type (or copy and paste by right clicking in the Command Prompt window and choosing Paste).
findstr /c:"[SR] Cannot" %windir%\logs\cbs\cbs.log|more
This will see which files are corrupted.
To see if it did anything
findstr /c:"[SR] Repairing" %windir%\logs\cbs\cbs.log|more
There are frequent false positives for small text files Windows uses such as desktop.ini and settings.ini. Also due to an update .mof files starting with wd may also be flagged. Ignore these.

How do I enable ctfmon.exe under Windows 7 Professional

Not sure if this is the right forum, but here it goes....
Problem Description in Brief:
I am not able to enable ctfmon.exe to execute (and to remain running) on Startup under Windows 7 Professional (SP1). I need this for the language bar on the taskbar, and the ability to switch between Chinese and English.
Problem Description in Detail:
When I installed Windows 7 Professional on my ASUS laptop, I enabled the language bar so that I can switch between Chinese and English, with the default language being Chinese (for my wife). Everything worked fine, even after installing Microsoft Office 2010, which apparently relies on ctfmon.exe for the language bar services. When I uninstalled Microsoft Office, not only did I lose the language bar, but the ability to switch between Chinese and English. The only language supported now on Startup is Chinese.
Needless to say that the option to enable ctfmon is not available under the Startup tab of msconfig. In order to enable the language bar, again, I have to manually change it via the Control Panel, only to lose it, again, every second time I shutdown and/or restart the laptop!!! It is ##$%ing annoying to say the least!!!
Note that, the language bar driver (ctfmon.exe) still resides in the C:\Windows\System32\ directory according to many of the forums I have read. I have even added a Windows registry entry to execute it at Startup according to one of the posts in the Microsoft TechNet site, titled Language Bar Disappeared, and another UK site titled Startup Details - ctfmon.exe, which believes the entry should exist under HKCU as opposed to HKLM. Specifically, I added the following entries to the Windows Registry File without any effect.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\Windows\System32\ctfmon.exe"
and,
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\Windows\System32\ctfmon.exe"
Since msimtf.dll and msctf.dll are related to the language bar service, I tried enabling those using regsvr32. Although they were successfully loaded, it did not have any effect on the language bar. I even tried to execute ctfmon.exe at the command prompt! It still did not activate the language bar like it is supposed to according to many of the forums I visited relating to this problem.
Short of reinstalling Microsoft Office and/or reinstalling Windows 7 Professional, any advice/suggestions on how to resolve this problem would be appreciated.
Follow the instructions below to run ctfmon automatically on Windows startup process.
Click Windows 7 start button.
Type: regedit
Open it with administrative rights.
Goto HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Create a new string value
Name it as you wish
Open it for edit
Type “ctfmon”=”CTFMON.EXE” in Value data field
Press OK
Restart your computer
Now you can see the language bar :)
Do not worry. You may try this step.
Press Windows along with R ( Windows + R ) and then run box will appear then type the path on the run box..
C:\Windows\System32\ctfmon.exe
Then press enter.

VB6 Application on Windows 7 Cannot Access Mapped Drives

I have a VB6 application which links to several POS terminals from a Windows 7 32-bit machine. The POS terminals are mapped to the Windows 7 machine and I can access the POS terminals from the Windows 7 machine from Explorer or via the cmdline/shell.
The application has been updated to ADO 2.8 and all other controls and components I no longer had source code for have been re-written. After a few annoying hiccups, I got the application to recompile on the Windows 7 computer without errors.
Now come the problems. The VB6 application cannot see or navigate to any mapped drives! I have tried twiddling UAC settings; I have set the app to run in Windows XP SP3 mode; I have tried running as Administrator. None of these things (and many permutations of these) work.
Any suggestions on how to make this work?
Adding this registry setting solved the problem for me: http://technet.microsoft.com/en-us/library/ee844140%28v=ws.10%29.aspx.
To work around this problem, configure the EnableLinkedConnections
registry value. This value enables Windows Vista and Windows 7 to
share network connections between the filtered access token and the
full administrator access token for a member of the Administrators
group. After you configure this registry value, LSA checks whether
there is another access token that is associated with the current user
session if a network resource is mapped to an access token. If LSA
determines that there is a linked access token, it adds the network
share to the linked location. To configure the EnableLinkedConnections
registry value
Click Start, type regedit in the Start programs and files box, and
then press ENTER.
Locate and then right-click the registry subkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
Point to New, and then click DWORD Value.
Type EnableLinkedConnections, and then press ENTER.
Right-click EnableLinkedConnections, and then click Modify.
In the Value data box, type 1, and then click OK.
Exit Registry Editor, and then restart the computer.
I believe you are having trouble because casual drive mapping is per-user, and on a UAC system Administrators group users have two separate contexts (one for each token: SU & elevated).
There is such a thing as a system level drive mapping, which is one done under the System user (NT Authority\System). When you map a drive under this account, and map it persistently, all users can see and use the mapping (subject to the usual access rights for files there).
The normal way you do this is via Domain-level GPOs (Group Policy Objects), which means bribing your local box jockeys if in a corporate managed LAN environment.
One way to do this in a Workgroup machine is to map the letter as System via the AT command, from an elevated command prompt:
at 8:53 am "net use m: \\MediaShare\MyLibrary ThePW /user:MediaShare\TheUser /persistent:yes > nul"
There the remote server is MediaShare, user TheUser, password ThePW, and 8:53 AM is a minute or two in the future to avoid accidentally scheduling this for tomorrow.
But this fails on Vista and later due to Session 0 Isolation!
So... use the 3rd alternative at Run CMD.exe as Local System Account which is the same thing mentioned by ForcePush's reply to How to map a network drive to be used by a service.
I believe that's what you are after here.
don't know if you ever figured this one out but for me it was the ChDir command (even with the registry fix above).
I had in my code
ChDir "P:\Temp\VidCap\Cam1\" 'I almost never use ChDir
Open "list.txt" For Output As #1
and all the VB6 inbuilt file commands looked straight through any operations, no errors, no nothing. I solved it by explicitly having the path (in my code it was in a string but you could have it explicitly):
dd = "P:\Temp\VidCap\Cam1\"
Open dd & "list.txt" For Output As #1
works as expected.
hope this helps
H
Try this:
Open command prompt as administrator, and type this in:
net use Z: \\IP Address\share /user:you passwd /persistent:Yes
Change "IP Address", the "share" name, and your username and password as needed.
The author of this is howtogeek (source).
I had same problem. VB6 kept crashing when trying to access USB and mapped drives using the Commondialog method, even though the drives and files were all accessible OK via Explorer. Problem is the drives were not set as shared.
Solved by selecting the connected USB drive in explorer and then right click to
select Properties.
Select Sharing Tab
Select Advanced Sharing
Set the sharing and user rights as needed. May need to have local admin rights.

Can't add new Redirected Port in Windows 7 after installing RedMon

My operating system is Windows 7 32bit. I installed RedMon1.7, Ghostscript 8.71 and GSview 4.9; installations were successful.
I went to Add New Local Printer in Windows Devices and Printers, clicked on Create A New Port, and selected Redirected Port from the Type of Port list. Clicked Next and in the Add New Port window I named RPT1: and clicked OK but it says Specified port cannot be added. Operation could not be completed (error 0x00000001)
I tried giving different names to the port, RPT2:, RPT4:, VPport: etc but all gave same result. Disabled Windows Firewall and tried but it continues to give same error, Disabled the Antivirus (Avira) but no change.
What can be preventing windows 7 from adding redirected port?
BTW I was following instructions in this tutorial in order to create a postscript printer.
http://www.stat.tamu.edu/~henrik/GSPSprinter/GSPSprinter.html
Appreciate any ideas or suggestions. Thanks
Run cmd.exe as Administrator and then run:
rundll32 printui.dll,PrintUIEntry /il
from the elevated cmd.
Go to your Start Menu,
Type Print,
Right-Click "Print Management",
Select "Run as administrator",
In Print Management; Expand "Print Servers" and Select "Ports".
Right-Click in the "Ports" pane (on the right hand side) and Select "Add Port...".
I'd also recommend configuring a Port from Print Management, as opposed to trying to do it in a Printers Properties. ;)
Adam Reed describes a workaround in his blog:
http://borntoidentify.blogspot.com/2010/09/configuring-virtual-printer-using.html
Not very comfortable, but works for me ...
EDIT: This link appears broken, but here's the content:
https://web.archive.org/web/20120628120209/http://borntoidentify.blogspot.com/2010/09/configuring-virtual-printer-using.html
The gist is that under Win7, you need to run explorer with elevated rights. This can be done using another browser, or, as mentioned in the comments on the original post:
Open a CMD window by right clicking and running as administrator
Kill the process explorer.exe from the task manager
Run explorer.exe from the command prompt window, now as an administrator.
Be very careful when running explorer as an administrator.
You need to enable Admin mode OR log with the Admin account!
This is caused by the new Vista/Win 7 security system.
Try resetting the firewall (Windows 7)
(be warned tho, the firewall will reset to the default setting)
*go to Control Panel
*go to Windows Firewall
*on the left choice pick "Restore Defaults"
It works for me, I hope it works for you.
F3lix's rundll32 method works but after you've created the port you most probably would need to configure its settings. Elsewhere in the net there are instructions to open Port management as Administrator, but in Windows 7 Home that seems to be very much impossible. One can only view the virtual port settings. The only workaround I found is to edit registry directly with the Registry editor at
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Redirected Port\Ports\RPT1:
(Replace your port name in the end.)
It seems to be tricky. In my case it only works after creating a new User account with the name "admin" / group "Administratoren" (de).
Before, with my real Nickname User "Nick.." / group "Administratoren" (de), it doesn't work.
Takes several hours to discover ...
Accepted solution did not work for me...I found an other command line that worked well (I'm on windows 10):
%systemroot%\system32\printmanagement.msc
It opens the print management in administrator mode, and I was able to create the port with no problems.
