Keeping Everything Up-to-date

So how do you keep your installed software up-to-date?  In the past I’ve used Secunia PSI.  More recently, Filehippo, but that seems to be more intrusive with ads.

Lately, I’ve been using the Glarysoft Software updater:

No frills, no thrills: just scan your system and see what programs are out of date.  That’s it and it’s free.

– Soli Deo Gloria

System Info Made Easy

Was looking for a way for our end users to quickly and easily determine their system information, such as IP address and their computer’s name.  Something free, not flashy and not resource intensive.   Solution… Systeminfo by Intelliadmin:

This will place a yellow “star” icon in their task bar and gives information such as LAN IP address, public IP address, computer name and uptime.  Hover over it with your mouse and you get the IP address, computer name and logged in user name.  Double-click on it and you get a more detailed description pop-up. One little problem I noticed when I put it in the autostart key under HKLM is that it would populate multiple times as people logged in and out of the computer.  To get around this, just run taskkill first to kill anything named systeminfo.exe, then launch systeminfo.exe.

Sample VBScript:

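' Kill any copy left running from a previous logon and wait for taskkill to finish
Set ws=CreateObject("Wscript.Shell")
ws.Run "taskkill /im systeminfo.exe",0,true
' Quote the path, then pass the switches after a space
ws.Run chr(34) & "C:\systeminfo.exe" & chr(34) & " /tray /no_exit_menu /no_url",0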

Depending on the speed of the computer, users will notice a black CMD window with cscript on the top during login that will disappear within a few seconds.

– Soli Deo Gloria

Data Breach Mania

In light of the recent eBay data breach, I decided it was finally time for a password manager.  I typically use a permutation of about 5 different passwords and sometimes the same password across multiple sites.  I’m already up to 21 accounts on various sites: who can remember them all?  “To the cloud!” you say…well, I don’t trust the cloud.  Given that the Adobe cloud service was down for nearly a day and I can’t tell what the other guy is doing with my data on the other end, I prefer a more “manual” solution.  Enter: KeePass.  KeePass keeps all of the passwords in one encrypted KDBX file.  No cloud, no man behind the curtain.  KeePass will keep working even if the company goes out of business and the source code is completely open.

It gets even better, because there’s an Android app that can read and write to KDBX files as well. I have KeePass on an encrypted USB key (Locker+ G2) from Kingston for on-the-go situations and on Google Drive so I can get to it from my phone.  You can copy and paste the passwords from KeePass into your web browser.

– Soli Deo Gloria

Windows 10: Pushy!

Been running build 9926 on my PC for a while now.  I was in the “Fast” ring and was pushed build 10041 through Windows Update.  Rebooted and install would not progress past 8%.  It rolled back gracefully to 9926, then I changed the updating to the slow ring.  Of course, the SAME build gets pushed to me again.  ARGH!  This time it goes to 5%. Rollback.  The problem is of course you cannot turn off Windows Update in Windows 10 anymore (probably someone will figure out a way eventually…) and they kept pushing this same build out to me over and over again.  You can suppress the update for 8 hours, but then…BOOM, installing build 10041, fail and rollback again!

Finally, they offered an ISO version of 10041 and I was able to install that just fine…but this does scare me a bit.   I get that an update should not be deferred forever, but only 8 hours?  It should be days, weeks…not hours.

– Soli Deo Gloria

Download Windows 7 and 8.1 from Microsoft

Need to rebuild your PC?  Now you can re-download Windows 7 and 8.1 from Microsoft, provided you have a serial # for them.

Windows 7:

Windows 8.1

– Soli Deo Gloria

Windows 10: A Review

So by now you’ve heard the news that Windows 10 will be free for Windows 7 and 8 users for the first year.  I recently took the plunge and updated my work PC from Windows 8 to Windows 10.  The official release is probably about 8 months away, but so far I am liking Windows 10.  It fixes a lot of what is wrong with Windows 8, namely it brings back the start menu (thank you Microsoft), gets rid of the charms bar in the corners (thank you Microsoft) and allows Modern apps to be “windowed” on the desktop (thank you Microsoft).

However, all of this stuff should have been in Windows 8 already and yet again we have another Vista on our hands: that is Windows 8.  At least Microsoft saw the error of its ways and corrected the ship instead of sinking it.  Being able to upgrade your OS with Windows Update is totally cool and long overdue!


The search bar in the task bar.  If you know what you are looking for, it’s a quick way to have it search the whole C drive and bring it up for you.  Win.

Notifications icon in the taskbar to get to common settings quickly.

Virtual desktops: yes!  One less thing for the Linux boys to rave about.


Even though the start menu is back, I miss drilling through a logical folder structure to get to things.  I still find myself making a shortcut to C:\ProgramData\Microsoft\Windows\Start Menu on the desktop to get the “old start menu” structure back.

Appears to be missing Windows Media Center…maybe this will come back in a later build?

Task Manager really needs to be replaced with Process Explorer or beefed up.  It’s essentially a holdover from Windows 8 showing little to no detail on running processes.

– Soli Deo Gloria

Finding Silent Install Secrets

We use a program called Velaro chat.  I contacted the vendor a few years ago asking for a “quiet installer”.  It’s 2015 and you would think that would be standard by now.  They do offer MSI files on the side, but they have issues….particularly with some .NET interop assembly file missing.  What to do?  First, I tried velaro.exe /?.  No dice.  Next, I tried strings.exe from Sysinternals.  This will give us the plain text strings from the installer:

Ah ha!  /silent.  Why didn’t the vendor clue me in on this?  No idea!  Fired this through SCCM and it works like a champ, except it throws exit code 1 for some reason, even though it is properly installed.

Nice installer guys! (NOT!).  I just fire the install and then check C$ share for the install bits afterwards.  This does save me time remoting in and manually installing the software.
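The strings approach above, sketched in Python as an added example (not part of the original post and not Sysinternals code): it pulls ASCII and UTF-16LE strings out of a binary and lists slash-style tokens that look like command-line switches. The sample bytes are constructed for illustration, and the function names, the 4-character minimum and the switch pattern are assumptions.

```python
import re

# Runs of at least 4 printable characters, stored as plain ASCII or as
# UTF-16LE (each character followed by a NUL byte). The minimum length
# of 4 is an assumption chosen to cut down on noise.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")

# A slash-style switch: "/" plus a word of 3+ letters, not preceded by a
# character that would make it part of a path or URL.
SWITCH = re.compile(r"(?<![\w/\\:.])/[A-Za-z][A-Za-z_]{2,}\b")

# Constructed sample standing in for an installer binary (not a real file).
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    b"This program cannot be run in DOS mode.\r\n\x00\x00"
    b"\x8b\xff\x55\x8b\xec"
    b"Usage: setup.exe [/silent] [/log <file>]\x00"
    b"\x00\x10\xfe"
    + "Run with /norestart to suppress the reboot".encode("utf-16-le")
    + b"\x00\x00\xc3"
    b"http://example.invalid/support\x00"
    b"C:\\Program Files\\Example\x00"
)


def extract_strings(data):
    """Return printable strings found in data, ASCII first, then UTF-16LE."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)]
    return found


def switch_candidates(data):
    """Return unique switch-like tokens in the order they were found."""
    seen = []
    for text in extract_strings(data):
        for match in SWITCH.finditer(text):
            token = match.group().lower()
            if token not in seen:
                seen.append(token)
    return seen


if __name__ == "__main__":
    for token in switch_candidates(SAMPLE):
        print(token)
```

The output is a list of candidates only; each one still has to be tried against the installer on a test machine before it goes into a deployment.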

– Soli Deo Gloria

Backing Up Locked Files

One of the challenges of migrating someone from one computer to another is the data they may have on the C: drive, especially those evil PST files.  The major challenge is backing up locked files.  We can get around this by using VSC in Windows.  Starting with Windows XP, VSC or Volume Shadow Copy allows Windows to “freeze” the state of the file system in time and then copy files/folders in this frozen state.  We will use the freeware program VSCSC to tap into this power.

First we use Mapper24 to encrypt/hide the credentials for the service account that will connect to our server:

mapper24.exe <some encrypted chars> domain\username \\server\backup

Next, we make a folder with the name of the computer we are running from:

 mkdir \\server\backup\%computername%

Then we kick off VSCSC:

vscsc -exec=wkxp2.cmd C:

In wkxp2.cmd, we have this:

robocopy "C:\documents and settings" \\server\backup\%computername% /B /MIR /R:0 /XF *.ost *.tmp *.bak *.dat *.mp3 /XD "Local Settings" "Temp" "Cookies" "Recent" "Nethood" "Printhood" "SentTo" "Start Menu"

So here is what we are doing…we are creating a snapshot in time, then we can use any copy program we want to copy files when “time is frozen” within this snapshot.  Once we exit the script, VSCSC exits and the snapshot is gone.  In the above robocopy script: I am telling it to exclude folders like Local Settings since that is where the internet temporary files are stored.  And yes: this will copy ALL user profiles on the computer to the server, not just the one we want, so you will have to pick through the profiles and grab what you want.

We can log in as the new user on the new computer and just drop in the Desktop, Favorites and My Documents folders manually from the server.

Note that vscsc doesn’t seem to work on Windows 7.  For Windows 7 you will need to copy Diskshadow from Server 2008 or 2008R2 or as a download from here:  Copy the contents of the ZIP file to System32, including the en-US folder or it will not work properly. The concept is pretty much the same:

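# Persistent snapshot of C: taken without involving VSS writers
set context persistent nowriters
set metadata C:\windows\temp\
set verbose on
begin backup
add volume C: alias C_Drive
# Take the snapshot; the alias can only be used after this step
create
expose %C_Drive% X:
exec yourbatchfile.cmd
# Release the drive letter before deleting the snapshot
unexpose X:
delete shadows volume C:
end backup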

– Soli Deo Gloria

Anti-Malware Tools

It’s been about 5 years since I posted anything about the tools I use to clean off malware.  So, here’s my method:

1. Depending on the type of virus involved: I do a system restore to a restore point from a time before the infection.

2. Run Hitman Pro.  This uses a combination of Bitdefender and Kaspersky definitions from the cloud.   Note that the free version will not remove the threat if the computer is domain joined, but it will usually show you where the file or registry entry is and you can remove it with another program manually.

3. Norton Power Eraser.  This is another cloud based reputation scanner along with the Symantec virus definitions.  You do need to be careful with this one as it has a tendency of flagging uncommon/infrequently reported files.

4. ADWCleaner.   Generally finds the same files as Hitman Pro, but is completely free and will offer to clean them without asking for money.  Do note that it has a tendency to just restart Windows for the cleanup without warning you.

5. TDSSKiller.  The “go-to” rootkit remover.

6. Stinger from McAfee.  McAfee AV defs in a standalone program.

7. Sysinternals Suite – Specifically, the tools Process Explorer (with built-in Virustotal support) and Autoruns can help identify an infection and remove it.

– Soli Deo Gloria

Case of the Unexplained: 2014

Mark Russinovich’s famous “Case of the Unexplained” for 2014 from TechEd Europe 2014:

– Soli Deo Gloria