Posts Tagged ‘Microsoft’

VirtualBox Error 0x000000C4

November 21, 2013 5 comments

I recently tried to upgrade a Windows 8 VirtualBox virtual machine to Windows 8.1 and ran into an error during the process. If I tried to run the upgrade from within the operating system (which is the required way), I received an error stating that my system did not meet system requirements. Specifically it mentions that my processor does not support “CompareExchange128”. After doing some research, I figured out how to turn on support for that in VirtualBox.

In Linux type the following in a terminal:
VBoxManage setextradata [vmname] VBoxInternal/CPUM/CMPXCHG16B 1
NOTE: Be sure to replace [vmname] with the name of your virtual machine.

In Windows type the following in a command prompt:
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" setextradata [vmname] VBoxInternal/CPUM/CMPXCHG16B 1
NOTE: Be sure to replace [vmname] with the name of your virtual machine.

This also affects individuals installing Windows Server 2012 R2 on VirtualBox.

How to Use a Command Prompt During GUI-Mode Setup

June 29, 2013 2 comments

In some cases, it may be helpful to have access to a command prompt during GUI-mode Setup for the purposes of troubleshooting, partitioning the disk, copying drivers, starting and stopping services, starting tools such as Task Manager, or other for other needs.

To gain access to a command prompt during GUI-mode Setup, press SHIFT+F10.

Using Network Time Protocol with Windows Server

April 2, 2013 1 comment

We all know that time synchronization is a crucial aspect for all the computers on the network, especially servers. In Windows, client computers obtain the time from domain controllers and the domain controllers obtain their time from the domain’s primary domain controller operation master. The primary domain controller obtains its  time from an external source, usually Microsoft ( If you would like to have your primary domain controller synchronize with a NTP server, the process is fairly simple. My department maintains our own SNTP servers but you could use one from the NTP Pool Project.

For my fellow administrators in the North American continent, you would use:


I recommend you use the DNS name instead of an IP address because the IP addresses may change in the future for what ever reason. Now lets configure our primary domain controller to synchronize with our NTP server.

      1. Sign into your primary domain controller with Administrator credentials. If you do not know which of your domain controllers is the primary domain controller, you can query a domain controller using netdom. Use the command ‘netdom /query fsmo’.
      2. Open a command prompt window.
      3. Stop the W32Time service by using the command ‘net stop w32time’.
      4. Now it is time to configure the external NTP source. Use the command: w32tm /config /syncfromflags:manual /manualpeerlist:<NTP Servers here> /reliable:yes
      5. Start the W32Time service again by using the command ‘net start w32time’.

NOTE: If you are going to use more than one NTP server, you must enclose them in quotes and delimit each entry with a space. Ex: “”.

The Windows Time Service should begin to synchronize the time with external NTP server you chose. You can view your current configuration by using the command ‘w32tm /query /configuration’ and check your Event Viewer for any error messages.

Sysprep Fatal Error With IE 10 (FIX)

March 15, 2013 72 comments

My fellow system administrators, there is a bug with sysprep and Internet Explorer 10 in Windows 7. My department maintains a Windows 7 image that we use on all our desktops. Today I installed some Windows updates which included Internet Explorer 10. When I tried to sysprep the machine like I usually do I received an error that a fatal error has occurred while trying to sysprep the machine. After looking at the logs (setupact.log and setuperr.log) I discovered what the issue was:

Error      [0x0f0085] SYSPRP LaunchDll:Could not load DLL C:\Windows\SysWOW64\iesysprep.dll[gle=0x000000c1]

It turns out that Internet Explorer 10 was the culprit. Strangely, ‘iesysprep.dll’ does exist within C:\Windows\SysWOW64. I have posted about it on the TechNet forums and it appears I am not the only one having this issue. Another user on the TechNet forums, sgennadi, has posted what appears to be a solution. It calls for modifying sysprep registry values and changing them back from SysWOW64 to System32. I personally have not tried his/her solution. I reverted back to a previous image and installed the new updates again, minus Internet Explorer 10, and sysprep works fine. Personally, I will be waiting for Microsoft to address this in a Windows Update before I upgrade to Internet Explorer 10.

I decided to add the proposed solution here in case anyone wants to fix it themselves. Again, credit goes to sgennadi for the solution.

After installing IE10, open the registry editor (regedit). You should make a backup of the registry before making any changes in the event that something goes wrong. You can do this by choosing File > Export and make sure you select ‘All’ under ‘Export range’.

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Cleanup

Locate: Value Name {EC9FE15D-99DD-4FB9-90D5-5B56E42A0F80} Value Data C:\Windows\SysWOW64\iesysprep.dll,Sysprep_Cleanup_IE
Replace the value with: C:\Windows\System32\iesysprep.dll,Sysprep_Cleanup_IE

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize

Locate: Value Name {EC9FE15D-99DD-4FB9-90D5-CE53C91AB9A1} Value Data C:\Windows\SysWOW64\iesysprep.dll,Sysprep_Generalize_IE
Replace the value with: C:\Windows\System32\iesysprep.dll,Sysprep_Cleanup_IE

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Specialize

Locate: Value Name {EC9FE15D-99DD-4FB9-90D5-676C338DC1DA} Value Data C:\Windows\SysWOW64\iesysprep.dll,Sysprep_Cleanup_IE
Replace the value with: C:\Windows\System32\iesysprep.dll,Sysprep_Cleanup_IE

Now you should be able to run sysprep successfully without receiving the IE10 related error.

Windows 7 receives Internet Explorer 10

February 26, 2013 6 comments

With the release of Windows 8, Microsoft launched the latest version of Internet Explorer; Internet Explorer 10. Windows 7 users, however, did not receive the Internet Explorer upgrade. Microsoft has now released Internet Explorer 10 for Windows 7. Internet Explorer 10 will be available through Windows Update in the next few weeks but if you want to download it now you can by visiting the link I have provided below.

Internet Explorer 10

New exploit for IE 7, 8 & 9 on Windows XP, Vista, and 7

September 17, 2012 2 comments

There is a new exploit for Internet Explorer 7, 8, and 9 browsers running Windows XP, Vista and 7. Computers can be compromised simply by visiting a malicious website, which gives the attacker the same privileges as the current user logged in. Since Microsoft has not released a patch for this vulnerability yet, Internet Explorer users are strongly advised to switch to other browsers, such as Chrome or Firefox, until a security update becomes available.

Microsoft has issue a security advisory about the situation:


  • Sep 19th, 2012 – Microsoft released a “fix-it” solution. It has been verified working. More information can be found here.
  • Sep 20th, 2012 – Microsoft updates the “fix-it” advisory to revision 2.0.  Requirements clarified: 1) “For computers that are running 64-bit operating systems, the following Fix it solution only applies to 32-bit versions of Internet Explorer.” 2) Before you apply this Fix it solution, you must ensure that Internet Explorer is fully updated by using the Windows Update service.
  • Sep 21st, 2012 – Microsoft releases Security Bulletin MS12-063 and Cumulative Security Update for Internet Explorer (KB2744842). Users and Administrators should install the update as soon as possible.

Activate Windows Vista, Windows Server 2008R2, and Windows 7 From the Command Line

August 28, 2012 4 comments

Beginning with Windows Vista, Microsoft introduced a powerful command line tool to handle Windows activations. This tool is called ‘slmgr‘. Slmgr works under Windows Vista, Windows 7, and Windows Server 2008 R2. The most common options you may need to use are ‘/ipk‘ which installs a product key, and ‘/ato‘ which tells Windows to try and connect to Microsoft’s servers and activate. This tool can also be used to manage remote clients. I have included below some more advanced parameters and examples.

NOTE: All actions (other than displaying status) require elevated administrator privileges. Slmgr.vbs script is not intended to work across platforms i.e. between Vista and Windows 7

slmgr [MachineName [Username Password]] [Option]

machinename   The machine to administer, by default the current local machine.

username      An administrator equivalent user account for the remote computer.

password      The password for the user account on the remote computer.

/ato   Activate Windows license and product key against Microsoft’s server.

/atp Confirmation_ID   Activate Windows with user-provided Confirmation ID

/ckms  Clear the name of KMS server used to default and port to default.

/cpky  Clear product key from the registry (prevents disclosure attacks)

/dli   Display the current license information with activation
status and partial product key.

/dlv   Verbose, similar to -dli but with more information.

/dti   Display Installation ID for offline activation

/ipk Key  Enter a new product key supplied as xxxxx-xxxxx-xxxxx-xxxxx-xxxxx

/ilc License_file   Install license

/rilc               Re-install system license files

/rearm Reset the evaluation period/licensing status and activation state of the machine

/skms activationservername:port
Set the Volume Licensing KMS server and/or the port used for KMS activation
(where supported by your Windows edition)

/skhc  Enable KMS host caching (default), this blocks the use of DNS priority and
weight after the initial discovery of a working KMS host.
If the system can no longer contact the working KMS host, discovery will be attempted again.

/ckhc  Disable KMS host caching. This setting instructs the client to use DNS auto-discovery
each time it attempts KMS activation (recommended when using priority and weight)

/sai interval
Sets the interval in minutes for unactivated clients to attempt KMS connection.
The activation interval must be between 15 minutes and 30 days, although the default (2 hours)
is recommended.
The KMS client initially picks up this interval from the registry but switches to the KMS
setting after the first KMS response has been received.

/sri interval
Sets the renewal interval in minutes for activated clients to attempt KMS connection.
The renewal interval must be between 15 minutes and 30 days.
This option is set initially on both the KMS server and client sides.
The default is 10080 minutes (7 days).

/spri  Set the KMS priority to normal (default).
/cpri  Set the KMS priority to low.
Use this option to minimize contention from KMS in a co-hosted environment.
Note that this could lead to KMS starvation, depending on what other applications
or server roles are active. Use with care.

/sprt port
Sets the port on which the KMS host listens for client activation requests. The default TCP port is 1688.

/sdns  Enable DNS publishing by the KMS host (default).
/cdns  Disable DNS publishing by the KMS host.

/upk   Uninstall current installed product key and return license status back to trial state.

/xpr   Show the expiry date of current license (if not permanently activated)

Token-based activation:
/lil   List the installed token-based activation issuance licenses.

Remove an installed token-based activation issuance license.

/stao  Set the Token-based Activation Only flag, disabling automatic KMS activation.
/ctao  Clear the Token-based Activation Only flag (default), enabling automatic KMS activation.
/ltc   List valid token-based activation certificates that can activate installed software.
/fta Certificate Thumbprint [PIN]
Force token-based activation using the identified certificate.
The optional personal identification number (PIN) is provided to unlock the private
key without a PIN prompt when using certificates that are protected by hardware
(for example, smart cards).

C:\> cscript C:\windows\system32\slmgr.vbs wkstn64 administrator pa55w0rd1 -dli
C:\> cscript slmgr.vbs -skms
C:\> cscript slmgr.vbs -skms KMSServer:8090