Friday, October 12, 2018

QuickPost: Removing Trend Micro Worry-Free Business Security Agent without the password

Not too long ago one of the ministry departments of the church-house needed a computer set up in their room to help manage things.

We had an older Dell laptop that was a beater, but was a business class device that still retained more than adequate performance.

It took me the better part of a weekend to bring the Win 7 Pro OS back up to a fully patched and updated state and clean a lot of older/abandoned applications off.

One of my last tasks was to remove the long-expired Trend Micro Worry-Free Business Security Agent off the system.

add-remove

Before the uninstaller can complete, you must provide an administrator-set password (as a security feature).  Unfortunately, the admin who set it had long-since left the congregation and no documentation was left as to what it could be.

password

Bother.

Luckily, PowerBiz Solutions “down-under” had a promising tip:

How to uninstall Trend Micro’s Worry Free Business Security client agent without the password - PowerBiz Solutions

The link back to Trend Micro’s solutions page is now “404” but it provided a good start:

Basically, it involves setting the registry key “Allow Uninstall” to 1.
For WFBS versions 5.x and 6.x, this key is located here – HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc
For WFBS versions 7.x, this key can be found here – HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\UniClient\1600\Misc

In my particular case, the version appeared to be 7.x.

version

A quick look in the Registry found the “AllowUninstall” key.

Capture-reg

…which I then changed to the needed “1” value.

Capture-regchange

Once set, I was then able to go back and run the uninstaller without any password prompt.

success

Done

Success and done!

I then followed it up with a Microsoft Security Essentials installation that went on without issue and will provide sufficient real-time protection and current signature updates for AV/AM protection.

Cheers!

--Claus V.

Sunday, July 29, 2018

QuickPost: PowerShell Scripts and Win 10 Helps

Since having a system migrated to Windows 10, I’ve noticed a trend of the hard-drive getting significantly fuller now.  I’ve done all the standard post-migration cleanups. I cleared over 40 GB of old software packages off the system and was feeling pretty good.  The next day all my space-gains were lost and I was back at 100 GB of free space where I started.

I suspect there is some caching activity going on in the background and that it running off a quota that keeps me returning to the magical 100 GB free of a 500 GB drive.

Normally, I’d just run one of these tools to identify the space/file hogs and start cleaning up. I’ve ordered these in my general preference; though I like them all for slightly different things they bring to the table on a space-hunt.

However in this case I cannot use any third-party tools and must stick with using Microsoft OS-based solutions only.

So that led me to find a script I could use in PowerShell.

I’ve divided them into file-size analyzers and folder-size analyzers.

I found it is relatively easy to hunt down singular files on your system in PowerShell that are the largest. However, what happens if you have a bunch-load of very small files? Individually they may never float to the top, however in aggregate, they could add up to a lot of space usage.

I’ve listed these as well in my order of preference.

Note: They all seemed to run fine on my Win 10 systems in PowerShell ISE – though tweaking was needed for each one to target specific folders and/or report outputs – depending on the script.

PowerShell File-Hog Hunters

PowerShell Folder-Hog Hunters

If you do export output to CSV and don’t “pre-format” the bytes output to MB, here is a tip on a custom formatting rule in Excel you can use to make it more readable.

formatting - How can I format bytes a cell in Excel as KB, MB, GB etc? - Stack Overflow

I’ve not loaded Ubuntu on Windows to have a Bash console, but in looking for tools, I came across this that looked pretty neat: ncdu: Identify Large Files on Windows 10 - Trevor Sullivan

Finally, on Win 7 I used a pretty small set of common keyboard shortcut to navigate my way around the system.  In Windows 10, I’m finding a desire to expand my quick-access key combo skills. Here are some good resources:

If I’ve missed a useful script or you have any tips for hunting for space/file hogs using only “on-board” native Windows 10 OS tools, please drop a comment!

I expect I’ll be adding to the list of links in this post too as I uncover more PowerShell scripts that could be useful. As I post this, I think I am overlooking one or two others that I found useful

Cheers!

--Claus V.

Saturday, May 26, 2018

Windows Defender Security Center Health Report detail missing

Right now I am running Windows 10 Home x64 OS build version 1803 (aka April Update).

There are a few nutty things that I have observed over the past few week. Though the update itself went on smoothly with no issues.

Recently I noticed that the Windows Defender Security icon in the system tray has started to display an error indicator.

yrl10gkv.tda

Normally that means I need to run a “Quick Scan”, however in this build, that also brings up the Windows Defender Security Center that has a Health report.

The error was caused by a Device driver with one recommendation showing to clear.

jszxn15f.ghb

Selecting the down-arrow to expand however resulted in nothing seen.

ug1efk2x.52p

Reboots did not clear the issue.

The non-display of items in the Health report page appears to be a fairly common issue with a number of suggested fixes.

There were a number of different ways I could approach tackling this issue, but here is the way I cleared the problem that most people may find more informative.

I pressed the “Windows” key and then the “R” key to bring up the Run box.

I then typed “perfmon /report” and clicked “OK”.  (more here).

imkqfah4.kut

After a minute or two the same Health report was generated but in greater detail via the Resource and Performance Monitor.

Looking in the Warnings/Error section, it was immediately obvious to me that the driver issue was related to the “Virtual CloneDrive” application I have installed.

(Note: I ignored the Photosmart printer error because my printer was offline.)

pnkjpbe3.i0x

I have used Virtual CloneDrive from Elaborate Bytes for a very long time with great results. It allows me to mount a wide range of “image” files such a ISO, BIN, and IMG types (among others) as a virtual drive letter for quick content access. It is free and says it is Win 10 compatible.  However it hasn’t been updated for some time.

I next checked my Device Manager properties and confirmed that the device driver was in error.

wt43h0is.f2s

Rather than go about trying to fix this particular issue, I just uninstalled Virtual CloneDrive from my system. This cleared the error in the Device Manager view.

amyb333v.lj1

Checking the Windows Defender Security Center Health report found the error now cleared.

lmyu5lhm.a53

…and the Windows Defender system icon restored to a normal health state.

f2lkwy1s.k1u

Takeaway: if you want really detailed breakdown of issues found in the Health Report, run a “perfmon /report” session to collect your system state details then get troubleshooting!

Additional notes:

Because I was already using the incredible (and in many ways more fully-featured) Pismo File Mount Audit Package application from Pismo Technic Inc. to mount most of my ISO image files anyway, I just updated that one to the latest version available and didn’t bother to reinstall Virtual CloneDrive.

I also have these applications as well on my system so I’m not missing anything when I need to mount a  particular image file:

Cheers!

--Claus V.