The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,805 other followers

Archive for February 16th, 2022

Windows Defender: adding and removing exclusions from PowerShell (via Stack Overflow)

Posted by jpluimers on 2022/02/16

I use this small script to install or update [Wayback] Chocolatey package NirLauncher (which is the [Wayback] Nirsoft Launcher that has all the [Wayback] Nirsoft freeware tools in it).

powershell -Command Add-MpPreference -ExclusionPath "%TEMP%\chocolatey\NuGetScratch"
choco update --yes NirLauncher 
powershell -Command Remove-MpPreference -ExclusionPath "%TEMP%\chocolatey\NuGetScratch"

It works around the issue that many times NirLauncher is marked by anti-virus tools or/and listed on VirusTotal, which means you get an error like this:

NirLauncher not installed. An error occurred during installation:
 Operation did not complete successfully because the file contains a virus or potentially unwanted software.

followed by

Chocolatey upgraded 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

I wrote about this error before Need to research: Nirlauncher v1.23.42 to 1.23.43 upgrade through Chocolatey fails with “Operation did not complete successfully because the file contains a virus or potentially unwanted software.”, and this post is explaining how I got to the above workaround.

Context: I was running Windows Defender (now officially called Microsoft Defender, but most people still use the old name), which is a good baseline anti-virus tool that is included with Windows.

Finding out the location of the offending file

The offending location is not actually in the C:\ProgramData\chocolatey\logs\chocolatey.log file.

I did a small search to see if one could list Windows Defender messages, and there was [Wayback] Use PowerShell to See What Windows Defender Detected | Scripting Blog explaining the Get-MpThreatDetection available since around Windows 8.x.

This little command got what I wanted:

C:\temp>PowerShell Get-MpThreatDetection ^| Format-List ^| Out-String -Width 4096 | findstr /I "nir"
Resources                      : {file:_C:\Users\jeroenp\AppData\Local\Temp\chocolatey\NuGetScratch\a78a5776-0fdd-48c0-8313-9b0107f54cba\hy3odwgw.1dc\tools\nirsoft_package_1.23.44.zip}

A few tricks I used here:

Searching for [Wayback] “chocolatey\NuGetScratch” – Google Search, I found out %Temp%\chocolatey\NuGetScratch is the default value for [Wayback] chocolatey cacheLocation – Google Search. I run default settings, so that is good enough for me.

Adding / removing a recursive folder exclusion to Windows defender

I found [Wayback] Windows Defender – Add exclusion folder programmatically – Stack Overflow through [Wayback] “Windows Defender” exclusion from commandline – Google Search explaining these (thanks [Wayback] gavenkoa!):

Run in elevated shell (search cmd in Start menu and hit Ctrl+Shift+Enter).

powershell -Command Add-MpPreference -ExclusionPath "C:\tmp"
powershell -Command Add-MpPreference -ExclusionProcess "java.exe"
powershell -Command Add-MpPreference -ExclusionExtension ".java"

powershell -Command Remove-MpPreference -ExclusionExtension ".java"

This was a short step to these documentation pages (note to self: figure out the origin of the Mp prefix)

Windows Defender still marks individual tools

Of course Windows Defender still marks individual tools as “unsafe” (for instance C:\tools\NirLauncher\NirSoft\mailpv.exe). To alleviate that, you have to permanently add this directory to the exclusion list: C:\tools\NirLauncher.

–jeroen

Posted in CommandLine, Development, NirSoft, Power User, PowerShell, Software Development, Windows | Leave a Comment »

ESXi: for my link archive – links about “vim-cmd vmsvc/message” (lots of interesting scripts for deployment scenarios)

Posted by jpluimers on 2022/02/16

In ESXi: on the console/ssh, when a moved VM pauses during power-on: show which VMs have messages waiting, then answer them, I searched for [Wayback] “vim-cmd vmsvc/message” – Google Search in order to see which messages were available.

That search revealed a lot more links, so here are the ones I found most interesting:

 

–jeroen

Read the rest of this entry »

Posted in ESXi4, ESXi5, ESXi5.1, ESXi5.5, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Virtualization, VMware, VMware ESXi | Leave a Comment »

Some links on sending SMS and the protocols/types involved

Posted by jpluimers on 2022/02/16

So I can find them back later:

  • SMS: Short Message Service. Messages limited to 140 octet (160 7-bit characers, 140 8-bit characters or 70 16-bit characters) sent mainly over the GSM or UMTS mobile networks.
  • Concatenated SMS or Multipart SMS. Does work on most devices and most operators. Way to send messages longer than 140 octets. Each part is billed separately.
  • MSISDN a number uniquely identifying a subscription in a GSM or a UMTS mobile network. Always starts with country code. Never includes a prefix (like 00 or +).
  • SMPP: Short Message Peer-to-Peer.
  • HLR: Home Location Register.

An interesting party with some public SMS APIs is MessageBird. You can compare their old and new ones:

Read the rest of this entry »

Posted in Development, Encoding, Software Development | Leave a Comment »

 
%d bloggers like this: