Saturday, November 28, 2015

Web Browser Linkpost: Turkey Day Edition

Clearly I’m finding a little bit of time in the post Thanksgiving Day period to catch up on some blogging.

Here are some new browser bits I’ve tucked away over the past several weeks.

Tracking & Security


Firefox and Mozilla Developments

FavIcon Reloader - Add-ons for Firefox - having two primary systems, and two Mozilla based browsers (Firefox and Pale Moon) means that my considerable bookmark library often gets out of sync. I don’t use an on-line sync solution but rather back-up/restore the file between apps/systems. That’s great but I loos my favicons if the difference. FavIcon Reloader works great to get the icons back. I tend to use them as visual clues a lot more than I realized.

ConfigFox - utility update to version 1.4.3


Firefox finally comes to iOS - Ars Technica - meh..

Pale Moon

List of Pale Moon specific about:config preferences - gHacks Tech News


Claus Valca

GSD Superpost: Windows Performance Troubleshooting

It has been a long time since my Case of the Unexplained Donut of Death post where I dip into the deeper waters of Windows Performance troubleshooting.

I might use…

But eventually I hit upon the Windows Performance Analysis Toolkit in Windows 8 (SDK 8) and newer (Win 8.1 & 10).  See this GSD post for linkages to more tool tips for the above items.

Later I would find an additional tool PerfView that helps with trace file collection and analysis.

Now Windows 10 is out and while I really need to invest in a deep dive of a resource like the Windows Performance Analysis Field Guide (amazon link) by Clint Huffman, there are still a lot of tools and resources still to be discovered.

I’m still trying to understand the new feature set and capability of Windows Performance Toolkit for Windows 10.

The latest tool that has inspired me is Bruce Dawson’s “UIforETW” tool.

This is a tool that records ETW traces, works around ETW performance bugs, allows configuration of trace recording options, works as a trace management UI, and more.

Basically you download it, run it, allow it to install the required WPT packages, and then pretty much start tracing. It records to a circular buffer so if you experience something interesting, save the trace and rename/note it, and the trace keeps on going while you go exploring the captured trace file. Read Bruce’s post for a full walk-through.

Bruce also has some good posts on performance troubleshooting.

This is an awesomely helpful tool to keep on your USB drive!

I had also just discovered Clint Huffman’s PAL (Performance Analysis of Logs) Tool

Both the ETW tool and the PerfView tool in particular should make it easy for me to leave a shortcut on a user’s desk so they can run the tool if I need them to capture a recurring performance issue, then let me collect the (large) trace file at a later time for deeper analysis.

However it would be nice to make a scripted “click-to-run” or “circular capture at startup” routine for ongoing troubleshooting; assuming resources (disk space and system performance) are up to the task.

I’m looking at these posts for inspiration and refinement.

Of course, just being able to collect ETL trace files and look at them with the Windows Performance Analyzer tool isn’t remotely close to fixing the issue. Generally there aren’t any singing angels present pointing the way to the problem process or issue.

You have to deep dive into the trace file to isolate the issue and drill down into the root cause; then come up with a solution.

So here are a BUNCH of video resources (and a few blog posts) to help with the learning process and to illustrate the tools mentioned and techniques used in Windows performance troubleshooting.  I’m collecting them here so I can find them quickly when I need some inspiration or deeper learning.

Defrag Tools - Windows Performance Toolkit (WPT) Videos

Defrag Tools - PerfView Videos

Defrag Tools - General Troubleshooting Videos

Advanced, Deep, and Challenging Performance Troubleshooting Videos

That should keep us busy for a while!


Claus Valca

Microsoft Training Courses: Networks, AD, & Security

I found these the other day while working on a project at work.


Networking Fundamentals - Microsoft Virtual Academy

Want to learn network security fundamentals? In this MVA course, discover the building blocks of modern network design and function and prepare for Exam 98-366: Networking Fundamentals, part of an MTA certification. Our online network security training course is free of charge and led by an expert who can help you build your skills and career.

Take this networking fundamentals training, and find out how to put the many pieces together to build a functional and secure network.

Understanding Local Area Networking
In this module you’ll learn about basic concepts and Local Area Networking.

Defining Networks with the OSI Model
This module describes the OSI model and how its layers determine how network traffic is moved and consumed.

Understanding Wired and Wireless Networks
This module covers the basics of wired and wireless media, protocols, standards, and concepts.

Understanding Internet Protocol
In this module you’ll learn about Internet Protocol (IP) and how it makes the internet and modern networks function.

Implementing TCP/IP in the Command Line
This module describes the tools used to manage and troubleshoot networks.

Working with Networking Services
This module describes the services that can be provided and that are required for a network to function.

Understanding Wide Area Networks
In this module you’ll learn about connecting your local area network to other local area networks over large geographic areas and across multiple types of boundaries.

Defining Network Infrastructure and Network Security
This module show you how to appropriately use the tools described in earlier modules to build a functional, secure network.

Recommended Resources and Next Steps for Networking Fundamentals
The information in this module provides you with an opportunity to dive deeper into Networking Fundamentals, at your own pace.

See also Networking Fundamentals - Channel 9

Another version perhaps or same one repackaged?

Introduction to Networking Fundamentals - Microsoft Virtual Academy

Educators, are you looking for a fast-paced and comprehensive introduction to network fundamentals? This on-demand, independent study course is just the ticket. Explore the basics of networking, and get a firm understanding of the underlying concepts. Each of these modules for educators and other learners runs about 30 minutes and covers new concepts, while reinforcing earlier topics. The course includes PowerPoint presentations for use individually or in the classroom.

Taught by educators with attention to the needs of school teachers and students, these courses address Local Area Networks (LANs), network definition using the OSI model, wired and wireless networks, Internet Protocol (IP), TCP/IP in the command line, networking services, wide area networks (WANs), and much more!

See these shorter supplemental videos for networking tips and tricks:

Active Directory

Active Directory Beginners Course - Microsoft Virtual Academy

This course provides students an introduction to Active Directory server roles in Windows Server. The course is intended for entry level students who want to get familiar with the Active Directory server roles and their basic functionality.

Introduction to Active Directory
This module provides an overview of the Active Directory roles available in Windows Server.

Active Directory Domain Services (DS)
This module provides an overview of Active Directory Domain Services in Windows Server.

Active Directory Certificate Services (CS)
This module provides an overview of Active Directory Certificate Services in Windows Server.

Active Directory Federation Services (FS)
This module provides an overview of Active Directory Federation Services in Windows Server.

Active Directory Rights Management Services (RMS)
This module provides an overview of Active Directory Rights Management Services in Windows Server.

Active Directory Lightweight Directory Services (LDS)
This module provides an overview of Active Directory Lightweight Directory Services in Windows Server.

See these supplemental videos for AD tips and tricks:


Security Fundamentals Training Course - Microsoft Virtual Academy

With this Microsoft Technology Associate (MTA) Training course, you can prepare for MTA Exam 98-367. Build an understanding of security layers, operating system security, network security, and security software. The course leverages Microsoft Official Academic Course (MOAC) material for this exam.

Understanding Security Layers
Learn about defense in depth and the various options available for securing resources at the various layers at a high level.

Authentication, Authorization, and Accounting
Get an introduction to the topics of authentication, authorization, and accounting—what they are, how they are different, and how each is implemented and managed. Look at available options and how to use some of the tools in Windows for implementing each one.

Understanding Security Policies
Hear about security policies and how they may work in an organization. See how policies provided by Group Policy can prevent unauthorized access to an organization's resources.

Understanding Network Security
A network can be the most vulnerable part of an IT infrastructure. Learn some of the methods and options for securing these invaluable assets, and gain from a discussion of firewalls, Network Access Protection (NAP), protocols, and wireless networks, from a security standpoint.

Protecting the Server and Client
Learn about protecting the physical assets in your organization, including servers and clients—and the software running on them—and how to secure them.

Security in the Enterprise - Microsoft Virtual Academy

Do you know how cybercriminals work? Get helpful insight, in this cybersecurity course. As an IT Pro, you know that the computer threat landscape is continually changing and that increasingly sophisticated attacks are targeting your organization's infrastructure and confidential information.

Walk with experts through social media platforms to discover how they really work. Get tips and practical advice on social networking security. Plus, explore methods of developing a secure baseline and how to harden your Windows Enterprise architectures and applications from pass-the-hash and other advanced attacks, and look at system patching. Finally, learn how to help improve your organization's security with Microsoft operating systems and tools.

1 | Security Landscape of Today and Tomorrow
Learn about how the computer threat landscape is continually changing and how increasingly sophisticated attacks are targeting your organization’s infrastructure and confidential information.

2 | Social Media Security
In this eye-opening journey, venture into the very heart of social media platforms to discover how they really work. Get tips and practical advice on social networking security.

3 | Advanced Windows Defense
Explore methods of developing a secure baseline and how to harden your Windows Enterprise architectures and applications from pass-the-hash and other advanced attacks.

4 | Free Tools to Protect Your Windows Environment
Learn how Windows Clients are ready to mitigate some of these attacks and how you can utilize your security skills.

5 | Vulnerability and Patch Management
Do you patch your systems? How often? Do you know why you should take action against patching your systems? Find out, in this helpful module.

6 | Top Mitigation Methods to Protect Your Enterprise
Learn how to improve IT security with Microsoft operating systems and tools.

Get learning!

Claus Valca

Windows Updating Fixes - Maybe

I have two Windows 7 Pro x64 systems up at the church-house that refuse to comply and install IE 11.

I keep reviewing the install log at C:\Windows\IE11_main.log for failure analysis and all the requirements seem to be present, but it still fails; both via Windows Updates or a manual (re) installation of all the pre-requisites and the main IE 11 install file.

(When I find where I put those log file captures I’ll update the post with more detail.)

Update: Found my log file capture! Install error 09C57

This is from just one of the two machines I’m having the same issue with. I need to pull the second system’s IE install log and compare to see if they match. I suspect they will.

It doesn’t matter if I run either the manual IE 11 installer package or the Windows Update obtained package…results end the same.

I’m cleaning up the log file and picking only some of the key lines from it for brevity.

  • Command line: "C:\Users\profile\Downloads\IE11-Windows6.1-x64-en-us.exe"
  • iexplore.exe version check success. Install can proceed.
  • Updated Download list, Hardware Blocking list, and no reboot policy files successfully downloaded and extracted for use.
  • Launched program to check hardware: "C:\Windows\TEMP\IE1924.tmp\IE11-SUPPORT\IEXPLORE.EXE" /CheckHardware "C:\Windows\TEMP\IE1924.tmp\IE11-support\HardwareBlockingList.xml"
  • Graphics Device Information: NVIDIA Quadro NVS 295
  • Hardware support check succeeded. Installation will continue.
    <cv note: all 9 of the packages download fine>
  • Prerequisite download processes have completed. Starting Installation of 9 prerequisites.
  • Launched package installation: C:\Windows\SysNative\dism.exe /online /add-package /packagepath:C:\Windows\TEMP\IE1924.tmp\KB2834140\ /quiet /norestart
  • Process 'C:\Windows\SysNative\dism.exe /online /add-package /packagepath:C:\Windows\TEMP\IE1924.tmp\KB2834140\ /quiet /norestart' exited with exit code 0x800F081E (-2146498530)
  • Error installing prerequisite file (C:\Windows\TEMP\IE1924.tmp\KB2834140_amd64.MSU): 0x800f081e (2148468766)
  • PauseOrResumeAUThread: Successfully resumed Automatic Updates.
  • Setup exit code: 0x00009C57 (40023) - Prerequisites failed to install.

I had tried to manually install each of the prerequisite files and don’t remember having any issues though I seem to recall when getting to KB2834140 it said it wasn’t required/needed on the system and exited.

The key clue is “exit code 0x800F081E (-2146498530)” which I understand means "The specified package is not applicable to this image".

Maybe I’ve got the system looking at and pulling a corrupted WSUS update?

Anyway…I’ll be coming back to this with a fresh post soon. Chasing down possibilities from these error codes quickly becomes an Alice in Wonderland adventure.

Likewise, at work found that some of our Surface Pro 3 tablets just don’t want to pull updates down from the WSUS.

Normally when a system is “stuck” getting updated WSUS patch delivery we might escalate getting it going (after confirming it is correctly pointing in the Registry) by first doing a “gpupdate /force”. I know.

If that doesn’t work we next try the following.

  1. wuauclt /resetauthorization /detectnow
  2. (wait 5-10 minutes)
  3. wuauclt /reportnow

If failing that, this routine comes.

  1. Stop the Automatic Updates service
  2. Rename the software distribution folder (i.e. C:\Windows\SoftwareDistribution).
  3. Restart the Automatic Update service
  4. wuauclt /resetauthorization /detectnow
  5. (wait 5-10 minutes)
  6. wuauclt /reportnow

Only that still didn’t work on the Surface Pro 3’s.

I really hoped not to reimage the systems as a “troubleshootin” solution as that is a lot of work and user impact so…I managed to get them working thusly.

I had checked the C:\Windows\WindowsUpdate.log and found a particular error that came up after each “manual” update refresh attempt.

That led me to this solution.

Since it was a Windows 8.1 system I ran the following command.

DISM.exe /Online /Cleanup-image /Restorehealth

It found an error with an AMD-related update package component (go figure) and repaired it.

After it completed, I did a system reboot and the updates have flowed faithfully since.

If you have a Windows 7 system, then you can use this System Update Readiness tool.

More Information and additional tools and tips:

None of those have helped with my IE 11 installation issue but with IE 8 (that it is stuck on since IE 9-10 also won’t go on) retiring soon, I’m determined to get it fixed once and for all.


Claus Valca

Same Bread; brought to you by Dell

One of the smaller pleasures in life that Lavie and I share are watching the BBC short animated series “Sarah and Duck”.

Alvis is long-gone from the nest but the animation and crack-storytelling of this series is addictive. We keep coming back from more.

There is a card game that Sarah and Duck often are found playing called “Same Bread”. When I grew up we played a variant called “Snap”. The thought is you take turns laying cards from your pile and when a match (same bread picture) results you yell “Same Bread” and slap down on the cards first to win the pile.

So what has this to do with anything?

Dell = Lenovo “Same Bread!” (well almost)

So here was Lenovo’s card from earlier this year

And this week Dell’s card came out; pardon the mess but it was a messy round…they actually played two cards in this game.

Note that I’ve tried to order them from most technically helpful/detailed downward. If you just want to check/fix the issue on your Dell system, jump down to the bottom of the list.

Cleanup and Mitigation

Let’s Go Explore!

That post by Martin Brinkmann has a review/link to RCC to scan the Windows Certificate Store and detect potentially questionable certs. You will have to carefully research and decide on your own if any should be removed.

Check out also his “CTLInfo” app. It is portable and GUI based and can show/report on the Windows system’s Root Certificate Trust List. Added to my utility collection.

These posts are also good showing CTLInfo in action:

Microsoft also has some helpful info.


Claus Valca

Biting the hand…

Just looking for the needle and thread and peroxide bottle…

Possible solutions (first-aid bandages)

Moving on…

Claus Valca

Adobe Flash Download Changes

I noticed the other day when snagging the latest Adobe Flash Player update from the Adobe binary download site that they will be removing most access to the “standalone” Flash Player download files.

Adobe Flash Player Distribution - Adobe


That really bites as it is a great way to bypass all the nonsense with third-party app installs during your Flash installs/upgrades for friends and family.

On my own systems I have Flash Player set to notify me of new updates but to not install them automatically. I’ve yet to see a notification from the app that a new Flash version is available.

I’ve also gone back to check on systems that I manage Flash manually on for others and find that they do have the latest Flash version already -- and a third-party application (usually a tool bar helper or security application) installed that came along with the update ride that the user didn’t catch.

And under the revised access system, you will need to have an active Internet connection to access the on-line update download.

I’m not sure yet if some of the trusted third-party download sites I use will continue to be able to offer just the binary files for access. I prefer to get my binaries directly from the source, but that isn’t an option after January 22nd.  And these might not be available either.

Really, it’s yet another nail in the coffin lid to remove Flash altogether from my systems

Then there is this tweet tip from Aral Balkan that basically reminds us we can often use the F12 developer tools to emulate (user-agent switch to) an iPad or other mobile device with our browser. That may get us “Flash” content that is available if you don’t have Flash installed.

Related Java tip:


Claus Valca