Monday, August 18, 2008

WINDOWS Question & Answers

http://docs.google.com/Doc?id=dhs2qttc_18dgjnwz88

Sunday, August 17, 2008

Restoring deleted Object from the Active Directory

When an object is deleted from Active Directory, it is not immediately erased but is marked for future deletion. Active Directory uses a replication model called "multi-master loose consistency with convergence": changes can be made on any DC in the forest and are incrementally replicated throughout the forest. So in Windows AD, deleting an object does not remove it outright; the deletion itself has to replicate to every DC first.

A tombstone is an object whose isDeleted property has been set to true; it indicates that the object has been deleted but not removed from the directory, much like a deleted file is removed from the file allocation table while the data is not actually removed from the drive. The directory service moves tombstoned objects to the Deleted Objects container, where they remain until the garbage collection process removes them. The garbage collection process by default runs every 12 hours on a DC. The length of time tombstoned objects remain in the directory service before being deleted (the tombstone lifetime) is either 60 days for Windows 2000/2003 Active Directory, or 180 days for Windows Server 2003 SP1. As per the above, a delete operation is essentially a special modify operation on an object that:
1. Sets the IsDeleted value to True.
2. Sets the internal WhenDeleted column to the IsDeleted metadata's TimeChanged time stamp.
3. Sets the Windows NT security descriptor to a special value.
4. Changes the relative distinguished name (RDN) to a value that is otherwise impossible, (that is, one that cannot be set by an LDAP program).
5. Strips all attributes not needed at this point by Active Directory. Key attributes such as the following are hard-coded to survive deletion:
o Object-GUID
o Object-SID
o Object-Dist-Name
o USN
Methods for restoring deleted items in Active Directory

Restoring the item from a previous backup
Restoring deleted items by means of the NTBACKUP program and a System State backup involves shutting down the DC and booting it into "DS Restore Mode"; tombstone reanimation is the only way to recover deleted objects without taking a DC offline.

You can use one of three methods to restore Active Directory from backup media: Primary Restore, Normal Restore (that is, Non-Authoritative Restore), and Authoritative Restore.

Primary Restore: This method rebuilds the first domain controller in a domain when there is no other way to rebuild the domain. Perform a primary restore only when all the domain controllers in the domain are lost and you want to rebuild the domain from the backup. Members of the Administrators group can perform the primary restore on the local computer. On a domain controller, only members of the Domain Admins group can perform this restore.

Normal Restore: This method returns the Active Directory data to the state it was in at the time of the backup, and then brings it up to date through the normal replication process. Perform a normal restore to return a single domain controller to a previously known good state.

Authoritative Restore: You perform this method in tandem with a normal restore. An authoritative restore marks specific data as current and prevents replication from overwriting that data. The authoritative data is then replicated through the domain. Perform an authoritative restore for individual objects in a domain that has multiple domain controllers. When you perform an authoritative restore, you lose all changes to the restored object that occurred after the backup. You need the NTDSUTIL command-line utility to perform an authoritative restore: it marks the Active Directory objects as authoritative by giving them a higher version number, so that data changed more recently on other domain controllers does not overwrite the restored System State data during replication.

Performing an authoritative restore

After the data has been restored, use Ntdsutil.exe to perform the authoritative restore. To do this, follow these steps:
1. At a command prompt, type ntdsutil, and then press ENTER.
2. Type authoritative restore, and then press ENTER.
3. Type restore database, press ENTER, click OK, and then click Yes.

Restoring the objects with LDP.EXE
Deleted objects in Active Directory are not really deleted, they are just "tombstoned" for a period of time that can either be 60/180 days, depending on your DCs' operating system, or any other value, if it was ever changed by the system administrator.

Restoring objects with ADRestore.net

This is one more way to restore a deleted object from its tombstone.
You can go through this link: ADRestore.net
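What LDP.EXE and ADRestore actually do is a single LDAP modify that clears isDeleted and moves the tombstone back under its lastKnownParent. The PowerShell below is an added example, not code from the original post or from either tool; it uses System.DirectoryServices.Protocols against a Windows Server 2003 or later DC, and the server name, domain DN and account name are placeholders.

```powershell
# Added example, not from the original post: find a tombstoned user and
# reanimate it over LDAP, the same modify operation LDP.EXE and ADRestore
# perform. Server name, base DN and account name are placeholders.
Add-Type -AssemblyName System.DirectoryServices.Protocols
$server = "dc01.example.com"     # placeholder DC (Server 2003 or later)
$baseDn = "DC=example,DC=com"    # placeholder domain DN
$conn = New-Object System.DirectoryServices.Protocols.LdapConnection($server)
$conn.SessionOptions.ProtocolVersion = 3
$conn.Bind()   # current credentials; they need the "Reanimate Tombstones" right

# Tombstones are only returned when the request carries the
# LDAP_SERVER_SHOW_DELETED_OID control (1.2.840.113556.1.4.417).
$showDeleted = New-Object System.DirectoryServices.Protocols.ShowDeletedControl
$oneLevel = [System.DirectoryServices.Protocols.SearchScope]::OneLevel

function Get-Tombstone([string]$SamAccountName) {
    $base = "CN=Deleted Objects,$baseDn"
    $filter = "(&(isDeleted=TRUE)(objectClass=user)(sAMAccountName=$SamAccountName))"
    $attrs = @("isDeleted", "lastKnownParent", "objectGUID", "objectSid")
    $req = New-Object System.DirectoryServices.Protocols.SearchRequest($base, $filter, $oneLevel, $attrs)
    $req.Controls.Add($showDeleted) | Out-Null
    $conn.SendRequest($req).Entries
}

function Restore-Tombstone($Entry) {
    # The tombstone RDN is "CN=Alice\0ADEL:<guid>"; the original name precedes the
    # marker, and lastKnownParent names the container it was deleted from.
    $rdn = ($Entry.DistinguishedName -split ",", 2)[0] -replace '\\0ADEL:.*$', ''
    $parent = $Entry.Attributes["lastKnownParent"].GetValues([string])[0]
    $newDn = "$rdn,$parent"
    # One modify carrying two changes: remove isDeleted and move the object back
    # by replacing distinguishedName. Both must travel in the same request.
    $mod = New-Object System.DirectoryServices.Protocols.ModifyRequest
    $mod.DistinguishedName = $Entry.DistinguishedName
    $undelete = New-Object System.DirectoryServices.Protocols.DirectoryAttributeModification
    $undelete.Name = "isDeleted"
    $undelete.Operation = [System.DirectoryServices.Protocols.DirectoryAttributeOperation]::Delete
    $move = New-Object System.DirectoryServices.Protocols.DirectoryAttributeModification
    $move.Name = "distinguishedName"
    $move.Operation = [System.DirectoryServices.Protocols.DirectoryAttributeOperation]::Replace
    $move.Add($newDn) | Out-Null
    $mod.Modifications.Add($undelete) | Out-Null
    $mod.Modifications.Add($move) | Out-Null
    $mod.Controls.Add($showDeleted) | Out-Null
    $conn.SendRequest($mod) | Out-Null
    $newDn
}

$tombstone = @(Get-Tombstone "alice")   # placeholder account; restores the first match
if ($tombstone) { "Restored to " + (Restore-Tombstone $tombstone[0]) }
```

A reanimated object comes back with only the attributes that survived tombstoning, so group memberships and other stripped attributes must be re-added by hand afterwards.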

Windows Processes in the Task Manager

1) What is svchost.exe, which is running in the Task Manager?
Svchost.exe is a generic host process name for services that run from dynamic-link libraries (DLLs).
Microsoft decided that instead of creating a separate executable file for each service that starts in Windows, they would create different .dll files and let the svchost.exe process host them all.
Basically this means that svchost starts and then loads all the DLL files needed by the services it hosts.

2) What is iexplore.exe?
Iexplore.exe is the process for Microsoft Internet Explorer. This process is a nonessential process and can safely be killed. By killing it, however, one or more Internet Explorer windows will be closed and any data within lost.

3) What is csrss.exe?
Csrss.exe is, by Microsoft's definition, the part of the Microsoft Client/Server Runtime Server Subsystem that runs in user mode. It is a critical subsystem that is primarily responsible for managing threads and creating console windows. It also handles any other operations of the Win32 subsystem that are not in kernel mode. Due to the critical nature of this process, it cannot be stopped from the task manager.

4) What is rundll32.exe?
Rundll32.exe is a process that allows dynamic link libraries (DLLs) to be executed. Many system DLLs contain entry points for external use. These include the control panel, as well as Shell32.dll, which allows you to bring up windows such as the "Open with..." dialog. This process is a system process that is essential to the system's proper operation. Despite this, it is generally safe to kill a misbehaved rundll32.exe, as it will only terminate the program that is executing as a DLL. Removing the executable altogether, however, will render your system unable to execute DLLs and thus render significant parts of the system unusable.

5) What is lsass.exe?
Lsass.exe is, by Microsoft's definition, the Local Security Authentication Server. Its purpose is to validate attempts to log on to your machine. If the login is successful, it generates the user's access token and uses it to launch the shell (explorer.exe). Any processes the user launches will also inherit this token.
Due to the critical nature of this process, it cannot be stopped from the task manager.

6) What is alg.exe?
Alg.exe is, according to Microsoft's definition, the Application Layer Gateway Service. It is a necessary process for Internet Connection Sharing, as well as the Windows Internet Connection Firewall. Additionally, it provides the ability to use third-party protocol plugins, such as for a third-party firewall.
If you use the Windows Firewall or Internet Connection Sharing, do not kill this process. Doing so will cause you to lose network connectivity until the next reboot. If you use a third-party firewall, you may also need to keep it running. Additionally, many other pieces of network-related software, such as Intel Pro/Set, are known to require it in order to function properly. It is therefore recommended that you do not disable the Application Layer Gateway.

7) What is wuauclt.exe?
Wuauclt.exe is the Windows Update Autoupdate Client. It is a background process that periodically checks with Microsoft's servers for updates to the operating system and drivers. If you wish to use Automatic Updates, this is a necessary process. If not, you can safely disable the Automatic Updates service, which will prevent it from running. While it is possible to kill this process through the task manager, it is likely that it will immediately come back if automatic updates are enabled.

8) What is ccApp.exe?
CcApp.exe is the Symantec Common Client Application. It is used by many Norton applications, including Norton AntiVirus, Norton AntiSpam, and Norton Internet Security. Norton uses it for its background virus protection and email scanning features. This process is not essential to the operation of the system; however, it is essential to the proper functioning of Norton products. If you do not want to use the background scanning features of your Symantec software, you should disable it in the application. If you do not have any Symantec product installed, you should not have any processes with this name. The presence of this process on systems without Symantec software typically indicates a virus or spyware infection.

9) What is explorer.exe?
Windows Explorer, or explorer.exe, is the default Windows user shell. This process is responsible for the file manager, desktop, and taskbar. As such, it is arguably the most readily apparent process in Windows. Despite its ubiquity, Explorer can be safely terminated. Doing so, however, will prevent you from launching any programs via the graphical user interface (as your taskbar, start menu, and icons will be gone).

10) What is ctfmon.exe?
Ctfmon.exe is the part of Microsoft Office XP and later that is responsible for activating the Alternative User Input Text Input Processor and the Microsoft Office Language Bar. Essentially, it provides support for speech recognition, handwriting recognition, and other types of alternative user input. It may start on system boot, even if no other Microsoft Office applications are running. This is a nonessential process that can safely be terminated as long as there are no Microsoft Office programs running. It is not recommended to terminate it while a Microsoft Office application is running or if you are using handwriting recognition, speech recognition, the language bar, or any other type of alternative user input. If you do not need the functionality this process provides and wish to permanently eliminate it, you can remove Alternative User Input support from your installation of Microsoft Office via the Add/Remove Programs control panel.

11) What is spoolsv.exe?
Spoolsv.exe is the Windows Print Spooler service. Its function is to manage spooled print jobs and handle the print queue. This process is not essential to the operation of the system; however, if you use a printer, the Print Spooler service must be enabled and spoolsv.exe must be running. If you do not have a printer, it is safe to kill this process and disable the Print Spooler service.

12) What is services.exe?
Services.exe is the Windows Services Control Manager. This process is responsible for starting, stopping, and managing system services. Services.exe will start automatic services on boot and stop all services on shutdown. This process is a critical system process and is essential to the operation of the system. Due to the critical nature of the process, it is not possible to terminate it via the task manager. Disabling this process otherwise will render your system unbootable.

13) What is smss.exe?
Smss.exe is the session manager subsystem. This process is responsible for creating environment variables, starting the Win32 subsystem, creating paging files, establishing DOS device mappings, and initializing the Windows Logon Manager. As such, it is responsible for starting user sessions. This process is a critical system process and is essential to the operation of the system. Due to the critical nature of the process, it is not possible to terminate the process via the task manager. Disabling this process otherwise will render your system unbootable.


14) What is jusched.exe?
Jusched.exe is the Java Update Scheduler. This process is installed by Sun Microsystems' Java to periodically check for updates. By default, it is installed as a service and set to start automatically.
This process is a nonessential process and can be safely terminated. Note that terminating the process will prevent automatic updates to Java. To prevent the Java Update Scheduler from starting on boot, open the Java Control Panel and uncheck "Check for Updates Automatically". When asked if you would like to update monthly, choose "Never Update."

15) What is winlogon.exe?
Winlogon.exe is part of the Windows Login Subsystem. This process is responsible for handling the secure attention sequence (pressing Ctrl+Alt+Del before seeing the login box), loading user profiles, locking the system when a screensaver is running, and verifying the operating system's activation key. On Windows XP, it provides support functions for Graphical Identification and Authentication (GINA). This process is a critical system process and is essential to the operation of the system. Due to the critical nature of the process, it is not possible to terminate the process via the task manager. Disabling it otherwise will prevent you from logging in.

16) What is mdm.exe?
Mdm.exe is the Windows Machine Debug Manager. It is used for debugging scripts in Internet Explorer, as well as debugging code in Microsoft Visual Studio and other Microsoft development environments. This process is a nonessential process and can safely be killed and disabled. By killing the machine debug manager, however, you will lose the ability to debug scripts in Internet Explorer.

18) What is alcxmntr.exe?
Alcxmntr.exe, or the Realtek AC97 Audio Event Monitor, is a service installed with Realtek audio drivers. It is not known exactly what this program does; however, it is a necessary part of the Realtek drivers.

This process is not essential to the operation of the system; however, you should not make any attempt to disable it. Doing so may prevent your audio from working.
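Several entries above (ccApp.exe, svchost.exe, lsass.exe) make the same point: a process name alone proves nothing, because malware borrows system process names. The PowerShell below is an added example, not from the original post, that checks the listed names against the directory a default Windows install runs them from; the name-to-directory table is my assumption.

```powershell
# Added example, not from the original post: flag processes that carry one of
# the system process names above but do not run from the directory a default
# install uses. The name-to-directory table is an assumption, not Microsoft's.
$system32 = Join-Path $env:SystemRoot "System32"
$sysWow64 = Join-Path $env:SystemRoot "SysWOW64"   # 32-bit copies on x64 Windows
$expected = @{
    "svchost.exe"  = @($system32, $sysWow64)
    "csrss.exe"    = @($system32)
    "lsass.exe"    = @($system32)
    "services.exe" = @($system32)
    "smss.exe"     = @($system32)
    "winlogon.exe" = @($system32)
    "spoolsv.exe"  = @($system32)
    "wuauclt.exe"  = @($system32)
    "rundll32.exe" = @($system32, $sysWow64)
    "explorer.exe" = @($env:SystemRoot)
}

function Get-SuspiciousProcess {
    # Win32_Process exposes ExecutablePath; it comes back empty for protected
    # processes (smss, csrss, lsass) when not elevated, so those are reported
    # as unverified rather than silently passed.
    Get-WmiObject Win32_Process | ForEach-Object {
        $name = $_.Name
        if (-not $expected.ContainsKey($name)) { return }
        # Older Windows reports some paths in NT form ("\??\C:\..."); normalise.
        $path = $_.ExecutablePath -replace '^\\\?\?\\', ''
        if (-not $path) {
            $status = "unverified (no path; run elevated)"
        } elseif ($expected[$name] -contains (Split-Path $path -Parent)) {
            return   # right name, right directory: nothing to report
        } else {
            $status = "MISMATCH"
        }
        New-Object PSObject -Property @{
            PID = $_.ProcessId; Name = $name; Path = $path; Status = $status
        }
    }
}

Get-SuspiciousProcess | Format-Table PID, Name, Status, Path -AutoSize
```

A MISMATCH row is a starting point for investigation, not a verdict: compare the file's hash and signature with the copy in System32 before acting on it.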

How to change the listening port for Remote Desktop

How to change the port that Remote Desktop listens on.
You can use the Remote Desktop feature to connect to your computer from another remote computer.

Go to the system in which you want to change the RD listening port.
Steps to follow.
1) Start Registry Editor.
2) Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber
3) On the Edit menu, click Modify, and then click Decimal.
4) Type the new port number, and then click OK.
5) Quit Registry Editor.
Now when you try to connect to this computer by using the Remote Desktop connection, you must type the new port.
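The same change can be scripted, which also lets you add the two checks the manual steps leave out: that the new port is not already in use, and that the firewall will let it through. This is an added example, not from the original post; it expects an elevated PowerShell prompt and uses 3390 as a constructed example port.

```powershell
# Added example, not from the original post: set the Remote Desktop listening
# port from PowerShell instead of Regedit, with the checks the manual steps skip.
$rdpKey = "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

function Get-RdpPort {
    (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
}

function Set-RdpPort([int]$Port) {
    if ($Port -lt 1025 -or $Port -gt 65535) { throw "Use a port between 1025 and 65535" }
    # A port something else already listens on leaves RDP with no listener at all.
    $listening = netstat -ano -p TCP | Select-String "^\s*TCP\s+\S+:$Port\s+\S+\s+LISTENING"
    if ($listening) { throw "TCP port $Port is already in use:`n$listening" }
    $old = Get-RdpPort
    # PortNumber already exists as REG_DWORD, so the int value keeps that type.
    Set-ItemProperty -Path $rdpKey -Name PortNumber -Value $Port
    # The built-in Remote Desktop firewall exception is bound to 3389, so allow
    # the new port before you log off, e.g. on Vista/Server 2008 and later:
    #   netsh advfirewall firewall add rule name="RDP $Port" dir=in action=allow protocol=TCP localport=$Port
    "PortNumber changed from $old to $Port; the listener uses it after the next reboot."
}

Set-RdpPort 3390   # constructed example port
```

Afterwards connect with mstsc /v:computername:3390 (the host:port form of the /v switch).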

XP Virtual CD-ROM Control Panel v2.0.1.1

THIS TOOL IS UNSUPPORTED BY MICROSOFT PRODUCT SUPPORT SERVICES

This free program for Windows XP lets you create a virtual CD drive on your hard disk.
For anyone unfamiliar with the terms 'virtual CD' or 'CD emulator', they mean that you can copy the entire contents of a CD-ROM to your hard disk and run the programs or access the files without the need for the original CD. This can make files more accessible, faster and more convenient. Given the speed and size of today's hard drives, you could easily fit a number of CDs onto your hard drive without noticing the difference. Assuming you had 30 full CDs, these would take around 20GB on a hard drive and all will be accessible after a few clicks of a mouse.

You can download it here DOWNLOAD
Installation instructions
=========================
1. Copy VCdRom.sys to your %systemroot%\system32\drivers folder.
2. Execute VCdControlTool.exe
3. Click "Driver control"
4. If the "Install Driver" button is available, click it. Navigate to the %systemroot%\system32\drivers folder, select VCdRom.sys, and click Open.
5. Click "Start"
6. Click OK
7. Click "Add Drive" to add a drive to the drive list. Ensure that the drive added is not a local drive. If it is, continue to click "Add Drive" until an unused drive letter is available.
8. Select an unused drive letter from the drive list and click "Mount".
9. Navigate to the image file, select it, and click "OK". UNC naming conventions should not be used, however mapped network drives should be OK.

You may now use the drive letter as if it were a local CD-ROM device. When you are finished you may unmount, stop, and remove the driver from memory using the driver control.