Windows 10 1903 – BSOD (WDF_VIOLATION)

After updating an iMac Late 2010 to Windows 10 1903 I got a blue screen “WDF_VIOLATION”. After checking the minidump, I could see that the MacHALDriver.sys (Macintosh Hardware Application Layer Driver) is involved. After renaming the file (c:\windows\system32\drivers\MacHALDriver.sys) over the network (works because the system crashes after user login) or in safe mode and rebooting, I was able to log back in. Since I don’t use an Apple keyboard I can do without the driver.

While researching I found out that other users also have problems with a similar keyboard driver for HP. In this case it is called HpqKbFiltr.sys. Is also responsible for the hotkeys (screen brightness and co.).

Access to an administrative share failed with “access was denied”

If username and password are right, maybe the UAC are the problem. Try to enable the LocalAccountTokenFilterPolicy to pass the local admin rights.

Write zeros to a hard drive – Wipe/Erase unused or free space

Windows: Format and write zeros to every sector of the drive.

Windows: Format and write zeros to every sector of the drive. After the first pass write randome numbers.

Windows: Fill free space.

Unix: Fill free space.

Unix: Fill free space on FAT32 drive (4GB limit per file).

How to configure RPC dynamic port allocation to work with firewalls

Windows XP use per default a dynamic port range from 1024 to 5000 for RPC/WMI/DCOM. To set up a fixed Port or Range use this settings:

  1. regedit: HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc
  2. Add key “Internet”
  3. Add this three values:

Ports: REG_MULTI_SZ: 5000-5100
PortsInternetAvailable: REG_SZ: Y
UseInternetPorts: REG_SZ: Y

  1. run winmgmt -standalonehost
  2. net stop winmgmt
  3. net start winmgmt
  4. Reboot


Remove OneDrive from Explorer on Windows 10

  1. Uninstall OneDrive
  2. Change registry key (32-bit) under System.IsPinnedToNameSpaceTree to 0
  3. Change registry key (64-bit) under System.IsPinnedToNameSpaceTree to 0

Windows Update failed with error code 0x80004005

Since weeks one windows machine wasn’t able to install the latest “Monthly Rollups”, but other updates work. After reboot the installer starts until 86% and undone the update. Internet search did not bring much, except some users with an alternative bootloader who have the same problem. But this machine has no other bootloader. The Windows Update log did not have any helpful details, which also makes sense since it had to give for the installation of the update its own log. I remembered the SBC.log, which I used in another problem and what should I say … there was the error code 80004005 – with helpfull details.

It was not possible to write parts of the bootloader. I assign a drive letter to \HarddiskVolume1 with diskpart and i see the problem. The drive was out of space. Only 12Kb free, but lots of garbage. The drive is also used for Recovery (WinRE). Then I recognized the cause. The disk was cloned from a HDD to a SSD with lower capacity. After resize the HarddiskVolume1 to original size, the update works without any problem.

Hardlink, Symlink and Junctions

To create a softlink, which should work through a network share, a junction should be created with mklink:

Allow Remote Desktop login with saved credentials

When trying to use saved credentials in Remote Desktop Connection you might receive this message:

Your credentials did not work. Your system administrator does not allow the use of saved credentials to log on to the remote computer because its identity is not fully verified. Please enter new credentials.

To be able to use saved credentials in this situation you need to do the following:

  1. Open Group Policy Editor (gpedit.msc)
  2. Navigate to Local Computer Policy\Computer Configuration\Administrative Templates\System\Credentials Delegation\
  3. Open Setting Allow Delegating Saved Credentials with NTLM-only Server Authentication, set it to Enabled click on button Show… and in Show Contents window add Value TERMSRV/*
  4. Run gpupdate command to update your policy.

Now you should be able to use your saved credentials.