s this [the post included below] a veiled threat to delete more posts? Or
some sort of disguised back-handed sales pitch? Based on previous
experiences, I do believe I could escalate the issue, pay Microsoft some
"support" money, and someone at Microsoft would reveal the answer, perhaps
with a clause requiring me not to republish it in public places like the
newsgroups. After all, security almost entirely depends on obscurity, as all
good Microsoftians "know".
Anyway, in the event that some thin-skinned person was offended by my
attempt at lighten-the-tone humor, I have no problems with apologizing for
it. Apparently only Republicans are allowed to make such jokes, and I also
apologize for being too poorly read to know of a suitable parallel usage
with a male protagonist, which would have obviated the attempted joke.
Now let's return to the technical issues you (Pat Walters [MSFT]) ignored,
for whatever mysterious reasons. I think it best to begin by refreshing the
history a bit.
One of my machines developed an annoying but apparently minor problem at
boottime. As time allowed for such a low-priority item, I investigated.
After several months, I became focused on the hypothesis that the problem
involved missing security certificates. My current belief is that the
problem is more widespread than I initially thought and that many of your
customers would see it if they ran the "sfc /scannow" command, especially on
Windows 2000 computers. My sample is too small, but so far it seems to be
*all* W2K boxes. I'll probably check some more machines over the next few
After reading *lots* of official Microsoft Web pages and searching in
various other places, I finally resorted to the newsgroups. My initial query
resulted in a request for more data, which I provided, but it went downhill
from there. Many years ago the newsgroups had a positive SNR, but nowadays
zero-signal-and-downhill is the safe prediction.
Just in case some technically competent person would be so kind as to
provide a useful answer, the technical question is:
How can missing security certificates be identified (and "safely" replaced)?
I am stressing "safely" because this is actually a new technical issue for
this thread. Perhaps I misunderstand the situation, but I think it would be
possible for someone to replace a system file with a bogus one and produce
the problems I am describing here. However, that same "someone" could
perhaps prepare a security certificate that could be used to assure people
(via SFC) that the bogus file is the truly bogus one (albeit with
[The non-technical question is "Why have the MVPs become so ineffective at
answering anything beyond the most trivial FAQs?", but we're not supposed to
consider that one, even in the absence of useful technical answers.]
Pat Walters [MSFT] < XXXX@XXXXX.COM > wrote: