Saturday, December 12, 2015

The Struggles

Fittingly I had this post fully composed and was cleaning up the formatting in the Blogger WYSIWYG in Chromium when the browser page jumped back and I lost it all…maybe I brushed the laptop touch pad and it interpreted it as a gesture action. Don’t know. This current build of Chromium seems jumpy. I had the same thing happen on some general web-page browsing as well.

So my new blog posting process is to compose fully in WLW (at least that works). Then copy/paste into the Blogger WYSIWYG editor. Using anything but Chromium. We’ll see how that works.

So what I was trying to post is that these past two days have been filled with struggling against a series of random events during normal pc maintenance around the Valca home.

I spent several hours last night working on updating Lavie’s Dell Inspiron laptop; mostly Windows updates and third-party browser updates. Then I went through her “Programs & Features” and worked through each of those seeing if they had updated versions. Many did. So I took care of those.

I discovered that while the WiFi was working normally again under Win 8.1, the “Dell Wireless WiFi + Bluetooth Driver” install package listed in “Programs and Features” was corrupted. I couldn’t remove it. I wanted to be sure I had the installer package on hand in case a future Win 10 upgrade borked it again. Luckily I both found it - Dell Wireless 1703 WiFi+ Bluetooth Driver Driver Details – and was able to use it to do a repair/reinstall to get it on clean again under Win 8.1.

Of course, iTunes wanted to be updated, so I used the Apple Software Updater but it complained about the “iPod Service” not being able to start so the install kept failing. I then tried to download and run the iTunes package rather than using the updater but that failed at the same point.

I found this post Service ‘iPod Service’ (iPod Service) could not be installed... over in the Apple Support forums and followed “rickybpta”’s steps:
  • close SysInternals's Process Explorer ( if you have it and it's open )
  • close all Task Manager(s)
  • close Windows Services console ( services.msc )
  • close all command prompts ( cmd.exe )
  • open a cmd.exe as Admin
    • run: sc create "iPod Service" binpath= "C:\Program Files\iPod\bin\iPodService.exe"
    • close all command prompts ( cmd.exe )
  • open Windows Services console ( services.msc )
    • look for "iPod Service", see if it's not Disabled. If so, start it
    • close Windows Services console ( services.msc )
  • Run iTunes.msi again ( previously downloaded via the Apple Software Update's Only Download function )
That did the trick and it went on without any other fuss.

While I was doing all this work Lavie’s laptop seemed sluggish. In fact it has seemed that way to me for some time (Lavie shrugs) and I’ve been considering upgrading it to a SSD drive.  I was monitoring the performance using System Explorer’s process tree and Task Manager graphs but not really seeing any clues.

Then I opened up Resource Monitor and focused in on the file activity. I was shocked to see that the process that was doing all the file reads/writes was Classic Shell. To see if this could be responsible I closed out Classic Shell and the system sprang to life again. It seemed much more responsive and snappy again.

Lavie is going to see if the system seems better with Classic Shell after all the clean up work and then with it turned off before she considers letting me disable/remove it.

I’ve also followed this tip to add a semblance of a Start – All Programs list to the task bar. It’s a great tip and one I like to do for our Win 8.1 tablet users.
That service work alone on Lavie’s laptop should have been enough for the weekend.

However, I ran into a new round of issues on my workbench laptop this morning.

First off, VMware Workstation Player offered me an update to 12.1.0.  Sure.

Only the installer failed and left me with an error that “Service VMware Authorization failed (VMAuthdService) could not be installed. Verify that you have sufficient privileges to install system services.”

I tried a few more times with no success.

I then downloaded the setup file directly from VMware and tried an install with the /clean switch but it said it couldn’t find an installed version.

Checking the Windows Services found a series of VMware related services that were “present” but looked like they were marked for deletion.

I walked through this VMware KB: Cleaning up after an incomplete uninstallation on a Windows host KB but wasn’t finding any remnants at all of the previously working installation.  So it looked like it had been taken off ok.

So I just rebooted the system and indeed the VMware service items were gone.  I tried the installer again with fingers crossed and the installer went on smoothly and the app ran again with no issues.

Whew!

And no sooner had I completed that task than GlassWire wanted to update to a new version as well.

So I went through the download/install process and it seemed to go on OK, but when it opened up it could not reconnect to the Glasswire service.

When I checked the Windows Service for it again it also showed marked for deletion.

So I uninstalled Glasswire, rebooted, reinstalled Glasswire but again it could not attach to the service.

I checked the service again. It was present and set to Automatic but stopped. When I clicked “start” the service launch crashed with an error I didn’t capture.

Rinse-repeat-same result.

The updated Glasswire version 1.1.36b was doing fine on the upgrade process on Lavie’s laptop and my other Win 7 x64 laptop so I’m not sure what was the issue here.

Next I found an even newer version 1.1.4.850b. Same issues.

Finally I found the original Glasswire version 1.1.32b on one of my duplicated (but not recently sync’ed) USB drives.

That installed fine. The Glasswire service started automatically, and the app reconnected with no issues. So I’m leaving it there for the moment on this system.

Bother!

Claus Valca.



Windows Live Writer Goes Open - Hurray - WLW breaks - Booo!

Well I was all set to excitedly post news about the announcement that Windows Live Writer has gone to an Open Source project release.

Hurray!


Only I got an account/password error during installation when configuring it up to the Blogger system.

Oh well, let me just launch my original WLW installation and go from there...

Nopes.
Turns out it looks like Google has timed its deprecation of the WLW authentication method so it now will not work.

Booo!


Per a comment in the thread by "Hirschy" earlier today...

The issue is well known and is being worked on as part of the Open Live Writer project, please see https://github.com/OpenLiveWriter/OpenLiveWriter/issues/5 for progress
The reason it's not working is that a few years ago Google deprecated the authentication process that Live Writer uses,  i.e. Google declared it as obsolete because it is not secure enough for the modern web, and developers should stop using it ASAP. Unfortunately Live Writer was not updated to use the new more secure OAuth 2 standard. Google removed support for it back in about May this year, then temporarily re-enabled it for Blogger / WLW, now it looks like they have pulled it for good.
It's not straightforward to fix, certainly more than a couple of lines of code. If you want to comment, please post to the GitHub issue via the link above, as that will be read by the developers. They will not generally be following the MS forums as it's no longer an MS product.
Convert Google Blogger ClientLogin to OAuth 2.0 · Issue #5 - OpenLiveWriter/OpenLiveWriter · GitHub

And as "ronmartmsft" commented on the issue page:
This could not have happened at a worse time given how many bloggers rely on the holiday season for income. It seems that Google has taken the release of this product as a green light to finally deprecate the legacy auth leaving Blogger users stranded.
Track here - https://productforums.google.com/forum/?utm_medium=email&utm_source=footer#!msg/blogger/lw_sNsyySKI/FyMxf1DBBwAJ
I must agree.

The initial excitement I had at a new WLW release...even if missing spellchecking at this stage was heavily tamped down with the breaking of the original WLW posting to Blogger.

It's not clear to me yet if other alternative blogging clients that can interface with Blogger will also hit that brick wall.

I'm composing this post in the Blogger web page UI but that won't do for regular posting.

So until this sorts out -- please be patient while the blog posting at GSD slows down.

Bummed for the moment.

--Claus Valca

Saturday, November 28, 2015

Web Browser Linkpost: Turkey Day Edition

Clearly I’m finding a little bit of time in the post Thanksgiving Day period to catch up on some blogging.

Here are some new browser bits I’ve tucked away over the past several weeks.

Tracking & Security

Vivaldi

Firefox and Mozilla Developments

FavIcon Reloader - Add-ons for Firefox - having two primary systems, and two Mozilla based browsers (Firefox and Pale Moon) means that my considerable bookmark library often gets out of sync. I don’t use an on-line sync solution but rather back-up/restore the file between apps/systems. That’s great but I lose my favicons in the difference. FavIcon Reloader works great to get the icons back. I tend to use them as visual clues a lot more than I realized.

ConfigFox - utility update to version 1.4.3

More…

Firefox finally comes to iOS - Ars Technica - meh..

Pale Moon

List of Pale Moon specific about:config preferences - gHacks Tech News

Cheers,

Claus Valca

GSD Superpost: Windows Performance Troubleshooting

It has been a long time since my Case of the Unexplained Donut of Death post where I dip into the deeper waters of Windows Performance troubleshooting.

I might use…

But eventually I hit upon the Windows Performance Analysis Toolkit in Windows 8 (SDK 8) and newer (Win 8.1 & 10).  See this GSD post for linkages to more tool tips for the above items.

Later I would find an additional tool PerfView that helps with trace file collection and analysis.

Now Windows 10 is out and while I really need to invest in a deep dive of a resource like the Windows Performance Analysis Field Guide (amazon link) by Clint Huffman, there are still a lot of tools and resources still to be discovered.

I’m still trying to understand the new feature set and capability of Windows Performance Toolkit for Windows 10.

The latest tool that has inspired me is Bruce Dawson’s “UIforETW” tool.

This is a tool that records ETW traces, works around ETW performance bugs, allows configuration of trace recording options, works as a trace management UI, and more.

Basically you download it, run it, allow it to install the required WPT packages, and then pretty much start tracing. It records to a circular buffer so if you experience something interesting, save the trace and rename/note it, and the trace keeps on going while you go exploring the captured trace file. Read Bruce’s post for a full walk-through.

Bruce also has some good posts on performance troubleshooting.

This is an awesomely helpful tool to keep on your USB drive!

I had also just discovered Clint Huffman’s PAL (Performance Analysis of Logs) Tool

Both the ETW tool and the PerfView tool in particular should make it easy for me to leave a shortcut on a user’s desk so they can run the tool if I need them to capture a recurring performance issue, then let me collect the (large) trace file at a later time for deeper analysis.

However it would be nice to make a scripted “click-to-run” or “circular capture at startup” routine for ongoing troubleshooting; assuming resources (disk space and system performance) are up to the task.

I’m looking at these posts for inspiration and refinement.

Of course, just being able to collect ETL trace files and look at them with the Windows Performance Analyzer tool isn’t remotely close to fixing the issue. Generally there aren’t any singing angels present pointing the way to the problem process or issue.

You have to deep dive into the trace file to isolate the issue and drill down into the root cause; then come up with a solution.

So here are a BUNCH of video resources (and a few blog posts) to help with the learning process and to illustrate the tools mentioned and techniques used in Windows performance troubleshooting.  I’m collecting them here so I can find them quickly when I need some inspiration or deeper learning.

Defrag Tools - Windows Performance Toolkit (WPT) Videos

Defrag Tools - PerfView Videos

Defrag Tools - General Troubleshooting Videos

Advanced, Deep, and Challenging Performance Troubleshooting Videos

That should keep us busy for a while!

Cheers!

Claus Valca

Microsoft Training Courses: Networks, AD, & Security

I found these the other day while working on a project at work.

Networking

Networking Fundamentals - Microsoft Virtual Academy

Want to learn network security fundamentals? In this MVA course, discover the building blocks of modern network design and function and prepare for Exam 98-366: Networking Fundamentals, part of an MTA certification. Our online network security training course is free of charge and led by an expert who can help you build your skills and career.

Take this networking fundamentals training, and find out how to put the many pieces together to build a functional and secure network.

Understanding Local Area Networking
In this module you’ll learn about basic concepts and Local Area Networking.

Defining Networks with the OSI Model
This module describes the OSI model and how its layers determine how network traffic is moved and consumed.

Understanding Wired and Wireless Networks
This module covers the basics of wired and wireless media, protocols, standards, and concepts.

Understanding Internet Protocol
In this module you’ll learn about Internet Protocol (IP) and how it makes the internet and modern networks function.

Implementing TCP/IP in the Command Line
This module describes the tools used to manage and troubleshoot networks.

Working with Networking Services
This module describes the services that can be provided and that are required for a network to function.

Understanding Wide Area Networks
In this module you’ll learn about connecting your local area network to other local area networks over large geographic areas and across multiple types of boundaries.

Defining Network Infrastructure and Network Security
This module shows you how to appropriately use the tools described in earlier modules to build a functional, secure network.

Recommended Resources and Next Steps for Networking Fundamentals
The information in this module provides you with an opportunity to dive deeper into Networking Fundamentals, at your own pace.

See also Networking Fundamentals - Channel 9

Another version perhaps or same one repackaged?

Introduction to Networking Fundamentals - Microsoft Virtual Academy

Educators, are you looking for a fast-paced and comprehensive introduction to network fundamentals? This on-demand, independent study course is just the ticket. Explore the basics of networking, and get a firm understanding of the underlying concepts. Each of these modules for educators and other learners runs about 30 minutes and covers new concepts, while reinforcing earlier topics. The course includes PowerPoint presentations for use individually or in the classroom.

Taught by educators with attention to the needs of school teachers and students, these courses address Local Area Networks (LANs), network definition using the OSI model, wired and wireless networks, Internet Protocol (IP), TCP/IP in the command line, networking services, wide area networks (WANs), and much more!

See these shorter supplemental videos for networking tips and tricks:

Active Directory

Active Directory Beginners Course - Microsoft Virtual Academy

This course provides students an introduction to Active Directory server roles in Windows Server. The course is intended for entry level students who want to get familiar with the Active Directory server roles and their basic functionality.

Introduction to Active Directory
This module provides an overview of the Active Directory roles available in Windows Server.

Active Directory Domain Services (DS)
This module provides an overview of Active Directory Domain Services in Windows Server.

Active Directory Certificate Services (CS)
This module provides an overview of Active Directory Certificate Services in Windows Server.

Active Directory Federation Services (FS)
This module provides an overview of Active Directory Federation Services in Windows Server.

Active Directory Rights Management Services (RMS)
This module provides an overview of Active Directory Rights Management Services in Windows Server.

Active Directory Lightweight Directory Services (LDS)
This module provides an overview of Active Directory Lightweight Directory Services in Windows Server.

See these supplemental videos for AD tips and tricks:

Security

Security Fundamentals Training Course - Microsoft Virtual Academy

With this Microsoft Technology Associate (MTA) Training course, you can prepare for MTA Exam 98-367. Build an understanding of security layers, operating system security, network security, and security software. The course leverages Microsoft Official Academic Course (MOAC) material for this exam.

Understanding Security Layers
Learn about defense in depth and the various options available for securing resources at the various layers at a high level.

Authentication, Authorization, and Accounting
Get an introduction to the topics of authentication, authorization, and accounting—what they are, how they are different, and how each is implemented and managed. Look at available options and how to use some of the tools in Windows for implementing each one.

Understanding Security Policies
Hear about security policies and how they may work in an organization. See how policies provided by Group Policy can prevent unauthorized access to an organization's resources.

Understanding Network Security
A network can be the most vulnerable part of an IT infrastructure. Learn some of the methods and options for securing these invaluable assets, and gain from a discussion of firewalls, Network Access Protection (NAP), protocols, and wireless networks, from a security standpoint.

Protecting the Server and Client
Learn about protecting the physical assets in your organization, including servers and clients—and the software running on them—and how to secure them.

Security in the Enterprise - Microsoft Virtual Academy

Do you know how cybercriminals work? Get helpful insight, in this cybersecurity course. As an IT Pro, you know that the computer threat landscape is continually changing and that increasingly sophisticated attacks are targeting your organization's infrastructure and confidential information.

Walk with experts through social media platforms to discover how they really work. Get tips and practical advice on social networking security. Plus, explore methods of developing a secure baseline and how to harden your Windows Enterprise architectures and applications from pass-the-hash and other advanced attacks, and look at system patching. Finally, learn how to help improve your organization's security with Microsoft operating systems and tools.

1 | Security Landscape of Today and Tomorrow
Learn about how the computer threat landscape is continually changing and how increasingly sophisticated attacks are targeting your organization’s infrastructure and confidential information.

2 | Social Media Security
In this eye-opening journey, venture into the very heart of social media platforms to discover how they really work. Get tips and practical advice on social networking security.

3 | Advanced Windows Defense
Explore methods of developing a secure baseline and how to harden your Windows Enterprise architectures and applications from pass-the-hash and other advanced attacks.

4 | Free Tools to Protect Your Windows Environment
Learn how Windows Clients are ready to mitigate some of these attacks and how you can utilize your security skills.

5 | Vulnerability and Patch Management
Do you patch your systems? How often? Do you know why you should take action against patching your systems? Find out, in this helpful module.

6 | Top Mitigation Methods to Protect Your Enterprise
Learn how to improve IT security with Microsoft operating systems and tools.

Get learning!

Claus Valca

Windows Updating Fixes - Maybe

I have two Windows 7 Pro x64 systems up at the church-house that refuse to comply and install IE 11.

I keep reviewing the install log at C:\Windows\IE11_main.log for failure analysis and all the requirements seem to be present, but it still fails; both via Windows Updates or a manual (re) installation of all the pre-requisites and the main IE 11 install file.

(When I find where I put those log file captures I’ll update the post with more detail.)

Update: Found my log file capture! Install error 09C57

This is from just one of the two machines I’m having the same issue with. I need to pull the second system’s IE install log and compare to see if they match. I suspect they will.

It doesn’t matter if I run either the manual IE 11 installer package or the Windows Update obtained package…results end the same.

I’m cleaning up the log file and picking only some of the key lines from it for brevity.

  • Command line: "C:\Users\profile\Downloads\IE11-Windows6.1-x64-en-us.exe"
  • iexplore.exe version check success. Install can proceed.
  • Updated Download list, Hardware Blocking list, and no reboot policy files successfully downloaded and extracted for use.
  • Launched program to check hardware: "C:\Windows\TEMP\IE1924.tmp\IE11-SUPPORT\IEXPLORE.EXE" /CheckHardware "C:\Windows\TEMP\IE1924.tmp\IE11-support\HardwareBlockingList.xml"
  • Graphics Device Information: NVIDIA Quadro NVS 295
  • Hardware support check succeeded. Installation will continue.
    <cv note: all 9 of the packages download fine>
  • Prerequisite download processes have completed. Starting Installation of 9 prerequisites.
  • Launched package installation: C:\Windows\SysNative\dism.exe /online /add-package /packagepath:C:\Windows\TEMP\IE1924.tmp\KB2834140\Windows6.1-KB2834140-v2-x64.cab /quiet /norestart
  • Process 'C:\Windows\SysNative\dism.exe /online /add-package /packagepath:C:\Windows\TEMP\IE1924.tmp\KB2834140\Windows6.1-KB2834140-v2-x64.cab /quiet /norestart' exited with exit code 0x800F081E (-2146498530)
  • Error installing prerequisite file (C:\Windows\TEMP\IE1924.tmp\KB2834140_amd64.MSU): 0x800f081e (2148468766)
  • PauseOrResumeAUThread: Successfully resumed Automatic Updates.
  • Setup exit code: 0x00009C57 (40023) - Prerequisites failed to install.

I had tried to manually install each of the prerequisite files and don’t remember having any issues though I seem to recall when getting to KB2834140 it said it wasn’t required/needed on the system and exited.

The key clue is “exit code 0x800F081E (-2146498530)” which I understand means "The specified package is not applicable to this image".
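
As an added example (not part of the original post and not a Microsoft tool), this Python script triages the log lines quoted above: it checks that each hex code agrees with its printed decimal, splits failing HRESULTs into facility and code, and reports the first failing HRESULT rather than the final setup exit code as the root cause. The function names and the KNOWN_CODES table are assumptions made for illustration; the meanings in the table are the ones given in the post.

```python
import re

# Constructed sample: key lines copied from the IE11_main.log excerpt in the post.
SAMPLE_LOG = r"""
Launched package installation: C:\Windows\SysNative\dism.exe /online /add-package /packagepath:C:\Windows\TEMP\IE1924.tmp\KB2834140\Windows6.1-KB2834140-v2-x64.cab /quiet /norestart
Process 'C:\Windows\SysNative\dism.exe /online /add-package /packagepath:C:\Windows\TEMP\IE1924.tmp\KB2834140\Windows6.1-KB2834140-v2-x64.cab /quiet /norestart' exited with exit code 0x800F081E (-2146498530)
Error installing prerequisite file (C:\Windows\TEMP\IE1924.tmp\KB2834140_amd64.MSU): 0x800f081e (2148468766)
Setup exit code: 0x00009C57 (40023) - Prerequisites failed to install.
"""

# Meanings as stated in the post; CBS_E_NOT_APPLICABLE is the Windows
# servicing name for 0x800F081E.
KNOWN_CODES = {
    0x800F081E: "CBS_E_NOT_APPLICABLE: the specified package is not applicable to this image",
    0x00009C57: "IE setup: prerequisites failed to install",
}
FACILITIES = {7: "FACILITY_WIN32", 15: "FACILITY_SETUPAPI"}

CODE_RE = re.compile(r"\b(0x[0-9A-Fa-f]{8})\s*\((-?\d+)\)")
KB_RE = re.compile(r"KB\d{6,7}")


def to_signed32(value):
    """Reinterpret an unsigned 32-bit value as the signed number tools often print."""
    return value - (1 << 32) if value & 0x80000000 else value


def decode_hresult(value):
    """Split a 32-bit HRESULT into severity bit, 11-bit facility and 16-bit code."""
    return {
        "failure": bool(value & 0x80000000),
        "facility": (value >> 16) & 0x7FF,
        "code": value & 0xFFFF,
    }


def triage(log_text):
    """Return one finding per 'hex (decimal)' pair found in the log text."""
    findings = []
    for line in log_text.splitlines():
        for hex_text, dec_text in CODE_RE.findall(line):
            value = int(hex_text, 16)
            printed = int(dec_text)
            fields = decode_hresult(value)
            kb = KB_RE.search(line)
            failure = fields["failure"]
            findings.append({
                "hex": f"0x{value:08X}",
                # The same code is logged both signed and unsigned; accept either.
                "decimal_ok": printed in (value, to_signed32(value)),
                "is_hresult_failure": failure,
                # Plain process exit codes (high bit clear) have no facility field.
                "facility": FACILITIES.get(fields["facility"], str(fields["facility"]))
                if failure else None,
                "code": fields["code"],
                "meaning": KNOWN_CODES.get(value, "unknown: look it up before acting"),
                "kb": kb.group(0) if kb else None,
            })
    return findings


def root_cause(findings):
    """The first failing HRESULT is the cause; later exit codes only summarize it."""
    for finding in findings:
        if finding["is_hresult_failure"]:
            return finding
    return None


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for item in results:
        print(item["hex"], item["kb"], item["facility"], item["meaning"])
    print("root cause:", root_cause(results))
```
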

Maybe I’ve got the system looking at and pulling a corrupted WSUS update?

Anyway…I’ll be coming back to this with a fresh post soon. Chasing down possibilities from these error codes quickly becomes an Alice in Wonderland adventure.

Likewise, at work found that some of our Surface Pro 3 tablets just don’t want to pull updates down from the WSUS.

Normally when a system is “stuck” getting updated WSUS patch delivery we might escalate getting it going (after confirming it is correctly pointing in the Registry) by first doing a “gpupdate /force”. I know.

If that doesn’t work we next try the following.

  1. wuauclt /resetauthorization /detectnow
  2. (wait 5-10 minutes)
  3. wuauclt /reportnow

Failing that, this routine comes next.

  1. Stop the Automatic Updates service
  2. Rename the software distribution folder (i.e. C:\Windows\SoftwareDistribution).
  3. Restart the Automatic Update service
  4. wuauclt /resetauthorization /detectnow
  5. (wait 5-10 minutes)
  6. wuauclt /reportnow

Only that still didn’t work on the Surface Pro 3’s.

I really hoped not to reimage the systems as a “troubleshooting” solution as that is a lot of work and user impact so…I managed to get them working thusly.

I had checked the C:\Windows\WindowsUpdate.log and found a particular error that came up after each “manual” update refresh attempt.

That led me to this solution.

Since it was a Windows 8.1 system I ran the following command.

DISM.exe /Online /Cleanup-image /Restorehealth

It found an error with an AMD-related update package component (go figure) and repaired it.

After it completed, I did a system reboot and the updates have flowed faithfully since.

If you have a Windows 7 system, then you can use this System Update Readiness tool.

More Information and additional tools and tips:

None of those have helped with my IE 11 installation issue but with IE 8 (that it is stuck on since IE 9-10 also won’t go on) retiring soon, I’m determined to get it fixed once and for all.

Cheers!

Claus Valca

Same Bread; brought to you by Dell

One of the smaller pleasures in life that Lavie and I share is watching the BBC short animated series “Sarah and Duck”.

Alvis is long-gone from the nest but the animation and crack-storytelling of this series is addictive. We keep coming back for more.

There is a card game that Sarah and Duck often are found playing called “Same Bread”. When I grew up we played a variant called “Snap”. The thought is you take turns laying cards from your pile and when a match (same bread picture) results you yell “Same Bread” and slap down on the cards first to win the pile.

So what has this to do with anything?

Dell = Lenovo “Same Bread!” (well almost)

So here was Lenovo’s card from earlier this year

And this week Dell’s card came out; pardon the mess but it was a messy round…they actually played two cards in this game.

Note that I’ve tried to order them from most technically helpful/detailed downward. If you just want to check/fix the issue on your Dell system, jump down to the bottom of the list.

Cleanup and Mitigation

Let’s Go Explore!

That post by Martin Brinkmann has a review/link to RCC to scan the Windows Certificate Store and detect potentially questionable certs. You will have to carefully research and decide on your own if any should be removed.

Check out also his “CTLInfo” app. It is portable and GUI based and can show/report on the Windows system’s Root Certificate Trust List. Added to my utility collection.

These posts are also good showing CTLInfo in action:

Microsoft also has some helpful info.

Goodness.

Claus Valca

Biting the hand…

Just looking for the needle and thread and peroxide bottle…

Possible solutions (first-aid bandages)

Moving on…

Claus Valca

Adobe Flash Download Changes

I noticed the other day when snagging the latest Adobe Flash Player update from the Adobe binary download site that they will be removing most access to the “standalone” Flash Player download files.

Adobe Flash Player Distribution - Adobe

That really bites as it is a great way to bypass all the nonsense with third-party app installs during your Flash installs/upgrades for friends and family.

On my own systems I have Flash Player set to notify me of new updates but to not install them automatically. I’ve yet to see a notification from the app that a new Flash version is available.

I’ve also gone back to check on systems that I manage Flash manually on for others and find that they do have the latest Flash version already -- and a third-party application (usually a tool bar helper or security application) installed that came along with the update ride that the user didn’t catch.

And under the revised access system, you will need to have an active Internet connection to access the on-line update download.

I’m not sure yet if some of the trusted third-party download sites I use will continue to be able to offer just the binary files for access. I prefer to get my binaries directly from the source, but that isn’t an option after January 22nd.  And these might not be available either.

Really, it’s yet another nail in the coffin lid to remove Flash altogether from my systems.

Then there is this tweet tip from Aral Balkan that basically reminds us we can often use the F12 developer tools to emulate (user-agent switch to) an iPad or other mobile device with our browser. That may get us “Flash” content that is available if you don’t have Flash installed.

Related Java tip:

Sigh…

Claus Valca

Malwarebytes Updates: Anti-Exploit and JRT

Malwarebytes has recently (11/23/15) released a new version of their Malwarebytes Anti-Exploit protection software.

Current version is now 1.08.1.1045 and should auto-update eventually. If it doesn’t or you just don’t want to wait, go download the package and over-install it to upgrade your current version.

Release History - Malwarebytes Support

New Features

  • Added Layer0 Dynamic Anti-HeapSpraying mitigation
  • Added Layer0 Anti-Exploit fingerprinting mitigation
  • Added Layer0 finetuned VBScript mitigation for IE
  • Added Layer1 ROP-RET gadget detection mitigation
  • Added Layer3 Application Behavior rules
  • Added protection for Microsoft Edge
  • Added protection for LibreOffice
  • Added failover upgrade mechanism
  • Added auto-recovery for Anti-Exploit service

Fixes

  • Fixed conflict with third-party products that use the same hooks
  • Fixed conflict with Office family profile
  • Fixed conflict with banking software plugin for browsers
  • Fixed conflict with Citrix when opening IE
  • Fixed conflict with components from Asus and Huawei
  • Fixed conflict with Kaspersky 16
  • Fixed conflict with Comodo
  • Fixed conflict with Imprivata OneSign
  • Fixed issue when custom shields were not kept after upgrade
  • Fixed issue with exclusions sometimes not applied to PDF profile
  • Fixed issue with Layer3 Application Behavior
  • Fixed issue with missing balloon notifications
  • Fixed false positive with Adobe Acrobat
  • Fixed false positive with certain .NET modules under IE
  • Fixed PhantomPDF crash when converting to doc

New Malwarebytes Anti-Exploit Adds Fingerprinting Detection - Malwarebytes Unpacked

Malwarebytes Anti-Exploit 1.08 ships with fingerprinting detection and more - gHacks Tech News

They have also released a new version (8.0.1) of the Junkware Removal Tool (JRT) which was recently acquired.

Junkware Removal Tool - Malwarebytes

I like this as it is a fast, focused, and portable tool to remove and repair a number of malware/ad-ware/junkware/PUP focused programs. It is one of the “first-strike” tools I deploy against a heavily infected system I may be servicing for a friend or family member.

Load up and carry on!

Claus Valca

Gpupdate /mostlyfineasis

One of the cure-alls we use at work for fixing issues with our AD-joined systems is to run the following command:

gpupdate /force

Fixes everything! (not)

So when this Helge Klein post came in this week with its incendiary lead-in, I had to pay attention.

How Group Policy Impacts Logon Performance #1: CSEs • Helge Klein

Gpupdate /force is for wimps!

Say you have changed a Group Policy setting in the domain and want to test its effects on a member computer. You open a command prompt and type:

gpupdate /force

Please pause and think this over before hitting enter. Why the /force switch? To show that stupid machine who is its master? Are you one of those people that click Apply before they click OK? Do you wear both belt and suspenders? Of course you do not! So let us take a look at the help text for the /force parameter:

Reapplies all policy settings. By default, only policy settings that have changed are applied.

That is quite telling. Group Policy keeps track of what has been applied and does not reapply settings that are already present. Nice! So why would we override this optimization? We would not. Using /force typically is only required when your Group Policy infrastructure (i.e. AD and/or DNS) are broken. Go fix it instead of telling poor old Group Policy to forego optimizations!


That got me digging just a little bit deeper into the whole gpupdate /force thing we do and tell others to do without consideration.

GPUpdate or GPUpdate /force? Learn the difference! - DeployHappiness.

From Joseph Moody’s entertaining post:


As it turned out, Group Policy was always working – I just didn’t understand it. So what’s the difference between GPUpdate and GPUpdate /force? Well –

GPUpdate: Applies any policy that is new or modified

GPUpdate /force: Reapplies every policy, new and old.

So which one should I use? 99% of the time, you should only run gpupdate. If you just edited a GPO and want to see results immediately, running gpupdate will do the trick. In fact, running GPUpdate /force on a large number of computers can be damaging to your career. This is because these machines will hit a domain controller and reevaluate every GPO applicable to them.

Note: If you are looking for the remote version of GPUpdate in Active Directory Users and Computers, see this guide.

Anything else?

Since you asked, why yes there is! GPUpdate has a few other options for you to use.

/LogOff: Certain GPOs, such as Folder Redirection, can’t apply in the background. If a logoff is required, this switch will initiate it.

/Boot: If a policy, such as software installation, needs to be applied – the boot command will reboot the machine.

/Sync: Useful for changing the foreground (startup/logon) processing to synchronous.



Also handy after running a “gpupdate” command:  “gpresult /h c:\temp\myGPreport.html”


Open with IE or Chrome or something and check your results of applied policies. If you use this technique, you can quickly search through the results with the search feature of the browser to highlight and jump to specific policy references you are looking for. It is a real time saver.
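The workflow above as a script, as an added example that is not from the original post or the quoted articles: it runs a plain gpupdate (no /force), writes the gpresult HTML report, and searches it for a policy name. The function name Test-PolicyApplied, its parameters and the sample search string are assumptions for illustration.

```powershell
# Added example (not from the original post). Test-PolicyApplied, $Pattern and
# $ReportPath are hypothetical names chosen for this illustration.
function Test-PolicyApplied {
    param(
        [Parameter(Mandatory = $true)] [string] $Pattern,
        [string] $ReportPath = 'C:\temp\myGPreport.html'
    )

    # Plain gpupdate: only new or modified settings are processed.
    # /force is deliberately left out; show the tool's own output to the operator.
    & gpupdate.exe | Write-Host

    # Make sure the report folder exists and that no stale report is left behind,
    # so a report found afterwards is known to come from this run.
    $dir = Split-Path -Parent $ReportPath
    if (-not (Test-Path $dir)) { New-Item -ItemType Directory -Path $dir | Out-Null }
    if (Test-Path $ReportPath) { Remove-Item $ReportPath -Force }

    # Run from an elevated prompt if computer-scope results are needed as well.
    & gpresult.exe /h $ReportPath | Out-Null
    if (-not (Test-Path $ReportPath)) {
        throw "gpresult did not produce $ReportPath"
    }

    # Scripted version of the browser search: every raw HTML line that
    # contains the literal text in $Pattern (no regex interpretation).
    $hits = Select-String -Path $ReportPath -Pattern $Pattern -SimpleMatch

    New-Object PSObject -Property @{
        Report      = $ReportPath
        Pattern     = $Pattern
        MatchCount  = @($hits).Count
        LineNumbers = @($hits | ForEach-Object { $_.LineNumber })
    }
}

# Sample call; 'Folder Redirection' is only a sample search string.
Test-PolicyApplied -Pattern 'Folder Redirection'
```

A MatchCount of 0 after a plain gpupdate means the policy name does not appear in the report at all, which is worth checking against the GPO's scope and filtering before trying /force.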



Bonus Material



Cheers,


Claus Valca.

Windows 7 WiFi Tweaking

I didn’t mention it in my last post but after I had reassembled the laptop and brought it back up, I had lost my network connection. After some quick troubleshooting I was sure that I had messed up my WiFi card.

I could connect via an Ethernet cable and was OK, but try as I might I could not get WiFi going.

Weird thing was that the card hardware was showing up in the device manager with no errors and reported to be working properly.

Even though the WiFi router is less than 3 feet away from my desk, maybe the antennas got messed up during the reassembly?

I shut the laptop down and opened up the bottom access panel, pulled the WiFi card, removed and inspected the WiFi antenna connections and card posts.  All looked OK.

I reassembled everything, checked the BIOS settings at reboot; normal.

Still no WiFi connection.

After some more time meditating, I realized the “issue”.

I hit the button on the keyboard to turn the WiFi on and it was working again.

Some Dell laptop systems (like my Latitude at work) use a mechanical switch to toggle on/off the WiFi.

Other Dell systems (like my Studio and XPS models) use a dual-use function key.

On my home systems there is no LED indicator to show that the WiFi has been disabled.

I had crossed that bridge before here at GSD: Mostly Minor Network Notes

Which led me to the following:

  • Start/Control Panel --> Network and Sharing Center.
  • On the left side-bar, select “Change adapter settings”
  • On the menu-bar, choose, “Advanced” and from the drop-down menu “Advanced settings”
  • Then in the resulting dialog window, select the network connection(s) and using the green arrow on the right, change them in order up or down accordingly. 
  • Save your changes when done.

Only this time, that still didn’t seem to help. The system just wants to camp out on WiFi even when the wired is available and set as the preferred order.

This Super User question/answer session has a nice listing of alternative options you can try.

The top tips were the same as I offered but I also learned I could manually change the “metric” setting for the WiFi interface so that Windows might prefer the wired connection. Again, that didn’t seem to help in my system’s case. From the discussion:

Two things: first, you can add a metric to each interface to specify that one is better than another. Using the GUI, go to your network connection's properties, TCP/IP, Advanced, uncheck Automatic metric, and fill in the appropriate number. Since the metric represents a cost, Windows will automatically use the interface with a lower metric if it can't decide. This Knowledgebase article describes the feature you're disabling. - Michael Lowman

This worked for me, but I had to mess around with it a bit. I changed my Wired connection metric to 10 and Wireless connection metric to 20. When I used route print, it showed the Wired as 250-300 and the Wireless to 20-30 each time. To get around this, I just set each to the extreme. Wired = 1, Wireless = 999. I now get the proper order. Thanks! – Lyrical

Go to Control Panel -> Network and Sharing Center -> Change adapter settings -> Then 'Right Click' on the Wireless network and select Status Then click Wireless Properties and make sure that if you have it set to connect when in range that it is also set to Connect to a more preferred network if available. - leeroy Jenkins

I got it working by setting the metric setting to 10 for wired and 1000 for wifi, all the other suggestions I found didn't work. - Mokubai & Morbia

  1. Go to Control Panel > Network & Internet > Network Connections
  2. Right click on your Wifi Network Adaptor usually titled "Wireless Network Connection"
  3. Select Properties
  4. Click on the "Configure" button
  5. Select Advanced tab
  6. Under "Property" Scroll down to "Disable Upon Wired Connect" and highlight it
  7. On the Right-hand side under "Value", select "Enabled" in the drop down menu
  8. Hit OK
  9. Disable then Enable back Wireless Network Connection.
    -Kevin

Anyway…

So that’s the reason why I had turned it off; the Studio laptop really has a hard time choosing the (better) wired Ethernet connection for network usage over the WiFi. So I just had forgotten that I was still toggling it off manually when I am hooked in on the wired connection.

So now I just need to make a mini sticky note to remind me what mode the WiFi setting is in. Like one of those dishwasher signs you flip over that say “Dishes Clean / Dishes Dirty”.

Cheers,

Claus Valca

Saturday, November 21, 2015

Well That Was Fun: DVD no longer stuck…

Micro-update on last weekend’s Well that was unexpected: DVD stuck in slot-load drive post.

I got tired of trying to creatively extract the DVD out of the slot-load drive this week.

A front had blown through and the wind/rain was borderline torrential so it seemed like as good a morning as any to tear apart my Dell Studio 1558 laptop to pull the disk out.

With my handy Studio 1558 Service Manual loaded up on an iPad next to me I set to work on the teardown.

It took me about an hour of careful screw-tracking and ribbon-cable unlatching, but I did finally get the DVD module removed from the system.


Once out, I removed a little chassis mounting bracket on the side of the DVD module, then removed four screws from the lid and popped it open, and the DVD (just the one -- no double-stack was found) was out.


I didn’t see any obvious issues but this module is now suspect so it won’t be fed again.  I put it back in the system for now.

Reassembly was fairly tame and went faster, though I took my time with the connectors and snapping all the plastic clipped sections together properly.

Mom is a crafter/beader so she had given me a sweet little felt-covered shallow sorting tray with lots of compartments. I used it to keep track of my screws during disassembly. Each step the screws went into their own divider. You can just make it out in the top of the first photo under the flipped over palm rest component.

I have a nice mini-driver set from many, many years ago (probably older than Alvis). It works great but I think it will be time to invest in an upgraded mini-driver kit -- iFixit Pro Tech Screwdriver Set (Amazon.com) & probably also this iFixit Pro Tech Toolkit (Amazon.com) as well. I’ve done more laptop teardowns than I would like over the years and my current tools get the job done, but this time I found myself using one of Lavie’s soft plastic citrus peelers as a spudger and connector pry/seat tool. It worked but the plastic was a bit soft for the task.

I picked up this LG External DVD Rewriter SP80NB60 around town. It was slim and light and cheap and uses a tray-load system. I won’t be testing to see if the internal DVD module is still OK but I don’t know if I am going to replace it either with another internal unit. Time will tell.

Cheers.

--Claus Valca.

Sunday, November 15, 2015

Well that was unexpected: DVD stuck in slot-load drive

My otherwise cheer-filled weekend hit a snag Saturday.

After two weeks of smooth sailing on my Dell XPS laptop powerhouse running a Win10 installation, Win 10 totally blew out again. Really really bad.

I eventually gave up on the Windows 10 self-repair as that only led to a wheel of misfortune game of what will the new blue-screen ;( error message show this time. It was ugly.

I then bailed and decided to do a roll back to my Win 7 Ultimate OS which was still present.

Only that hung up and eventually got me a Windows 7 loading to blue-screen error loop.

I couldn’t find my Windows 7 Ultimate x64 setup disk so I popped a blank DVD in my Windows 7 x64 Dell Studio 1558 system and made a recovery disk to use.

Only the DVD appears to have gotten stuck in the drive slot.

It’s a slim slot-load DVD for this model so no paper-clip and tray tricks here.

Eventually I found my Win 7 Ultimate x64 setup disk after all and even though I got an error during reloading the last good System Restore point, the system booted up to my previous Win 7 OS pretty much intact. I had to install some Windows updates all over again, and reinstalled a few applications, but it is now back in order.

Windows 10 is now Verboten! on our Dell laptops for the foreseeable future.

With that crisis averted, I’ve turned to trying to extract the DVD from the slot load drive.

It isn’t pretty.

So I’ve been doing recon on how the slot-drive mechanisms work in the hope I can then extract the stuck DVD using a set of custom engineered extraction tools I’ll have to develop.  This seems to me to be the best hope right now.

The drive spins and the mechanism makes the ejection sounds. The DVD just won’t pop out. The system can read the disk fine so the reader and spindle are OK. The little metal tab drops down that keeps the disk from falling out. Maybe the center hole on the disk is a bit small and jammed stuck on the spindle? I’m hoping I can pop the DVD off the spindle then use double-stick tape with a thin piece of strong aluminum to pull it out.

Failing that I may have to pull the drive out of the laptop. I’m not bothered by the disassembly but would rather not have to.

If I go that way, do I want to get a replacement drive module? They aren’t too expensive…

Has anyone tried one of these kits? I could possibly not replace the DVD drive but buy a custom caddy to accept a 2nd HDD or SSD. The Studio 1558 only accepts a single drive bay but this would get me room for a 2nd drive. I’d probably go with a SSD based on heat/cooling concerns and power-draw. Is it worth the effort? I like the concept but have my worries.

Regardless, I might just end up having to go the simple route and leave the disk embedded in the system (which is otherwise fine) and just use a USB external DVD drive unit.  This one at least uses a tray…

I’m open to advice and suggestions to try!

Cheers

--Claus Valca

MS Office 2013 / 365 ProPlus Reference Links

For my reference…

Plan security settings for ActiveX controls for Office 2013 - Microsoft TechNet

Office 365 ProPlus – Deployment Guide for Admins - Microsoft TechNet

Uninstall Office 2013, Office 2016, or Office 365 from a Windows computer - Microsoft Office - O15CTRRemove.diagcab (FixIt utility)

Visio 2013 and Visio Stencils issue (Fixed) - Erik Bussink - Great tip for a really backward option application to re-enable opening of VSS files in Visio 2013 if the permissions are jacked up.

Group Policy Administrative Template files (ADMX, ADML) and Office Customization Tool (OCT) files for Office 2013 - Microsoft TechNet

Office 2013 Administrative Template files (ADMX/ADML) and Office Customization Tool - Microsoft download - contains the Microsoft Excel 2013 workbook, Office2013GroupPolicyAndOCTSettings_Reference.xls. TIP: If you don’t want to install the tool, just unpack the download EXE and then snag the XLS file for referencing the Group Policy settings.

Trust Center settings for Office 2013 - Microsoft TechNet

Ribbons for Access 2007 / Access 2010 - Trusted Locations - AccessRibbon.de

Overcome the Trust Center nuisance - Experts-Exchange.com - Tip by MacroShadow

Cheers

Claus Valca

Saturday, October 31, 2015

Web Browser Linkpost; Mostly Vivaldi and Firefox

Tracking

Vivaldi updates march on

Still loving Vivaldi and the feature set they are bringing to the table.

Still not a “daily driver” for web browsing but getting closer and closer. I’ve not listed all the snapshot posts but here are some highlights that might be interesting.

Considering the large volume of bookmarks I deal with, the bookmark bug-fix improvements have been very well received in particular; sorting, ordering, editing.

Firefox and Mozilla Developments

Google Chrome/Chromium

Pale Moon Rising

Pale Moon - Release Notes

25.7.3 (2015-10-14)
This is a usability update needed due to the fact that Mozilla has shut down their key exchange (J-PAKE) server along with the old Sync servers. This was unexpected and required us to set up our own key server (testing indicates this works as-expected, but please do report any issues on the forum) - which also required reconfiguration of the browser.
Please note that older versions of the browser will no longer be able to link devices to a sync account using the 12-character code since it requires a Mozilla server no longer present. If you need this functionality, you must update to this version or later.

Edge(ed) Out

Browse on, my friends.

--Claus Valca