The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for the ‘Windows’ Category

« Previous Entries
Next Entries »

Quickly get into the “rename computer” setting on Windows 10

Posted by jpluimers on 2022/02/18

A while ago I needed to quickly rename a Windows 10 machine, but again they moved around the way to get into the right dialog (each new Windows 10 release more options seem to move around from the classic Control Panel or Computer Properties into hard to memorise places).

So I was glad to find out that either of these work from the command-line:

  • sysdm.cpl,1
  • SystemPropertiesComputerName

I already was aware of editing the user environment variables through "C:\Windows\System32\rundll32.exe" sysdm.cpl,EditEnvironmentVariables

Glad changing the computer name was so easy.

From [Wayback] Easy Ways to Open System Properties in Windows 10 | Password Recovery, I learned there were more equivalence commands for the rest of the “System Properties” tabs:

  1. Computer Name
    • sysdm.cpl,1
    • SystemPropertiesComputerName
  2. Hardware
    • sysdm.cpl,2
    • SystemPropertiesHardware
  3. Advanced
    • sysdm.cpl,3
    • SystemPropertiesAdvanced
  4. System Protection
    • sysdm.cpl,4
    • SystemPropertiesProtection
  5. Remote
    • sysdm.cpl,5
    • SystemPropertiesRemote

Searching for [Wayback] “EditEnvironmentVariables” “SystemPropertiesComputerName” – Google Search, I found a truckload more of these command-line tricks at [Wayback] 运行(WIN+R)中能使用的命令:ms-settings:,shell:,cpl,mmc… – Bob-wei – 博客园.

–jeroen

Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1 | Leave a Comment »

Creating a bootable USB installer for ESXi on other operating systems than Windows

Posted by jpluimers on 2022/02/17

I wrote about Creating a bootable USB installer for ESXi and use it to create a bootable ESXi installation.

Just in case I ever need to do this on a non-Windows system, some links:

–jeroen

Posted in *nix, Apple, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Linux, Mac OS X / OS X / MacOS, Power User, Virtualization, VMware, VMware ESXi, Windows | Leave a Comment »

Windows Defender: adding and removing exclusions from PowerShell (via Stack Overflow)

Posted by jpluimers on 2022/02/16

I use this small script to install or update [Wayback] Chocolatey package NirLauncher (which is the [Wayback] Nirsoft Launcher that has all the [Wayback] Nirsoft freeware tools in it).

powershell -Command Add-MpPreference -ExclusionPath "%TEMP%\chocolatey\NuGetScratch"
choco update --yes NirLauncher 
powershell -Command Remove-MpPreference -ExclusionPath "%TEMP%\chocolatey\NuGetScratch"

It works around the issue that many times NirLauncher is marked by anti-virus tools or/and listed on VirusTotal, which means you get an error like this:

NirLauncher not installed. An error occurred during installation:
 Operation did not complete successfully because the file contains a virus or potentially unwanted software.

followed by

Chocolatey upgraded 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

I wrote about this error before Need to research: Nirlauncher v1.23.42 to 1.23.43 upgrade through Chocolatey fails with “Operation did not complete successfully because the file contains a virus or potentially unwanted software.”, and this post is explaining how I got to the above workaround.

Context: I was running Windows Defender (now officially called Microsoft Defender, but most people still use the old name), which is a good baseline anti-virus tool that is included with Windows.

Finding out the location of the offending file

The offending location is not actually in the C:\ProgramData\chocolatey\logs\chocolatey.log file.

I did a small search to see if one could list Windows Defender messages, and there was [Wayback] Use PowerShell to See What Windows Defender Detected | Scripting Blog explaining the Get-MpThreatDetection available since around Windows 8.x.

This little command got what I wanted:

C:\temp>PowerShell Get-MpThreatDetection ^| Format-List ^| Out-String -Width 4096 | findstr /I "nir"
Resources                      : {file:_C:\Users\jeroenp\AppData\Local\Temp\chocolatey\NuGetScratch\a78a5776-0fdd-48c0-8313-9b0107f54cba\hy3odwgw.1dc\tools\nirsoft_package_1.23.44.zip}

A few tricks I used here:

Searching for [Wayback] “chocolatey\NuGetScratch” – Google Search, I found out %Temp%\chocolatey\NuGetScratch is the default value for [Wayback] chocolatey cacheLocation – Google Search. I run default settings, so that is good enough for me.

Adding / removing a recursive folder exclusion to Windows defender

I found [Wayback] Windows Defender – Add exclusion folder programmatically – Stack Overflow through [Wayback] “Windows Defender” exclusion from commandline – Google Search explaining these (thanks [Wayback] gavenkoa!):

Run in elevated shell (search cmd in Start menu and hit Ctrl+Shift+Enter).

powershell -Command Add-MpPreference -ExclusionPath "C:\tmp"
powershell -Command Add-MpPreference -ExclusionProcess "java.exe"
powershell -Command Add-MpPreference -ExclusionExtension ".java"

powershell -Command Remove-MpPreference -ExclusionExtension ".java"

This was a short step to these documentation pages (note to self: figure out the origin of the Mp prefix)

Windows Defender still marks individual tools

Of course Windows Defender still marks individual tools as “unsafe” (for instance C:\tools\NirLauncher\NirSoft\mailpv.exe). To alleviate that, you have to permanently add this directory to the exclusion list: C:\tools\NirLauncher.

–jeroen

Posted in CommandLine, Development, NirSoft, Power User, PowerShell, Software Development, Windows | Leave a Comment »

cd-to-file.bat for when you have a full filename that is too long to truncate by hand

Posted by jpluimers on 2022/01/31

Small cd-to-file.bat tip:

pushd %~dp1

–jeroen

Posted in Batch-Files, Power User, Scripting, Software Development, Windows | Leave a Comment »

Need to revisit osquery: SQL powered operating system instrumentation, monitoring, and analytics supports more platforms and also aggregates to central log locations

Posted by jpluimers on 2022/01/18

Almost two years ago, GitHub – facebook/osquery: SQL powered operating system instrumentation, monitoring, and analytics published from the automatic blog queue.

It was in the midst of my rectum cancer treatment, so I was glad the blog queue back then was still about 18 months deep.

This meant I looked into osquery in 2018, which I remember because I needed it on MacOS as I did not want to remember the syntax for MacOS specific commands on getting system information. It also coincides with how much my repository fork was behind: [Wayback: jpluimers/osquery commits/Archive: jpluimers/osquery commits].

Fast forward to now, the breath of systems I’m involved with has widened, so I was glad to see that Kristian Köhntopp mentioned it:

So time to try it again (:

The links he mentioned:

  • [Wayback/Archive] Welcome to osquery – osquery

    osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.

  • [Wayback/Archive] Welcome to osquery – osquery: High Level Features
    The high-performance and low-footprint distributed host monitoring daemon, osqueryd, allows you to schedule queries to be executed across your entire infrastructure. The daemon takes care of aggregating the query results over time and generates logs which indicate state changes in your infrastructure. You can use this to maintain insight into the security, performance, configuration, and state of your entire infrastructure. osqueryd‘s logging can integrate into your internal log aggregation pipeline, regardless of your technology stack, via a robust plugin architecture.
    The interactive query console, osqueryi, gives you a SQL interface to try out new queries and explore your operating system. With the power of a complete SQL language and dozens of useful tables built-in, osqueryi is an invaluable tool when performing incident response, diagnosing a systems operations problem, troubleshooting a performance issue, etc.
  • [Wayback/Archive] osqueryd (daemon) – osquery
  • [Wayback/Archive] osqueryi (shell) – osquery
  • [Wayback/Archive] Aggregating Logs – osquery
  • [Wayback/Archive] AWS Logging – osquery

Main site: [Wayback/Archive] osquery | Easily ask questions about your Linux, Windows, and macOS infrastructure

Repository: [Wayback/Archive] osquery/osquery: SQL powered operating system instrumentation, monitoring, and analytics.

–jeroen

Posted in *nix, *nix-tools, Apple, Development, DevOps, Facebook, Infrastructure, Mac, Mac OS X / OS X / MacOS, Power User, SocialMedia, Software Development, Windows | Leave a Comment »

A Redditor visits the iconic Windows XP “Bliss” hill in Microsoft Flight Simulator and recaptures the magic – NotebookCheck.net News

Posted by jpluimers on 2022/01/17

[Wayback] A Redditor visits the iconic Windows XP “Bliss” hill in Microsoft Flight Simulator and recaptures the magic – NotebookCheck.net News

XP:

2020:

Via: (note the wrong Windows version) [Archive.is] Stonehead on Twitter: “Zo ziet het Windows 95-bureaublad er tegenwoordig uit trouwens. Klimaatverandering is overal… “

–jeroen

Read the rest of this entry »

Posted in History, Power User, Windows, Windows XP | Leave a Comment »

Alexander Klöpping. Juist nu. on Twitter: “Is er een voice recorder app waarbij je met een druk op de knop tijdcodes kunt markeren omdat vlak voordat moment iets belangrijks gezegd werd? Zodat je achteraf makkelijk de belangrijke momenten kunt terugzoeken?” / Twitter

Posted by jpluimers on 2022/01/07

[Archive.is1/Archive.is2] Alexander Klöpping. Juist nu. on Twitter: “Is er een voice recorder app waarbij je met een druk op de knop tijdcodes kunt markeren omdat vlak voordat moment iets belangrijks gezegd werd? Zodat je achteraf makkelijk de belangrijke momenten kunt terugzoeken?” / Twitter

https://twitter.com/AlexanderNL/status/1277519084117164032

Selectie voor Android / Windows / MacOS:

Read the rest of this entry »

Posted in Android Devices, Audacity, Audio, Media, Power User, Windows | Leave a Comment »

The Evolution of Windows Search | Windows Search Platform

Posted by jpluimers on 2022/01/03

Great post [WayBack] The Evolution of Windows Search | Windows Search Platform, covering some 3 decades of search:

  • 1991 (Cairo with WinFS)
  • 1996 (Windows NT 4.0)
  • 2000 (Windows 2000)
  • 2001 (Windows XP)
  • 2007 (Windows Vista)
  • 2009 (Windows 7)
  • 2012 (Windows 8.x)
  • 2015 (Windows 10)

It is part 1 of a series of 4 posts by [WayBack] Brendan Flynn, Author at Windows Search Platform:

  1. The Evolution of Windows Search  👈  You Are here
  2. Windows Search Configuration and Settings
  3. What’s in my index?
  4. How to make the most of search on Windows

When grabbing them, only the first two parts were available. Part two was about [WayBack] Configuration and Settings | Windows Search Platform with an in depth coverage of both the old style Control Panel applet as the new Windows 10 Settings page.

Via: [Archive.is] Immo Landwerth on Twitter: “If you like Raymond Chen’s The Old New Thing, then you might love this new developer focused blog too. It starts with an interesting history of Windows Search, by @brflynn_ms. Enjoy & subscribe!”

–jeroen

Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows NT, Windows Server 2000, Windows Vista, Windows XP | Leave a Comment »

Run the latest RDP session in full-screen

Posted by jpluimers on 2021/12/28

MSTSC.exe helptext

MSTSC.exe helptext

I created this small batch file:

:: start last RDP session (or new one with command-line parameters) full-screen
:: see https://interworks.com/blog/ijahanshahi/2012/01/02/mstsc-commands-and-creating-custom-remote-desktop-shortcut/
mstsc /f %*

It is based on [Wayback] MSTSC Commands and Creating a Custom Remote Desktop Shortcut | InterWorks, which has the helptext for MSTSC.exe (which stands for MicroSoft Terminal Services).

Later I found out a way easier method to get that helptext is to run MSTSC.exe /?, which shows a nice dialog:

[Window Title]
Remote Desktop Connection Usage

[Content]
MSTSC [] [/v:<server[:port]>] [/g:] [/admin] [/f[ullscreen]] [/w: /h:] [/public] | [/span] [/multimon] [/edit "connection file"] [/restrictedAdmin] [/remoteGuard] [/prompt] [/shadow: [/control] [/noConsentPrompt]]

"connection file" -- Specifies the name of an .RDP file for the connection.

/v:<server[:port]> -- Specifies the remote PC to which you want to connect.

/g: -- Specifies the RD Gateway server to use for the connection. This parameter is only read if the endpoint remote PC is specified with /v.

/admin -- Connects you to the session for administering a remote PC.

/f -- Starts Remote Desktop in full-screen mode.

/w: -- Specifies the width of the Remote Desktop window.

/h: -- Specifies the height of the Remote Desktop window.

/public -- Runs Remote Desktop in public mode.

/span -- Matches the remote desktop width and height with the local virtual desktop, spanning across multiple monitors, if necessary. To span across monitors, the monitors must be arranged to form a rectangle.

/multimon -- Configures the Remote Desktop Services session monitor layout to be identical to the current client-side configuration.

/edit -- Opens the specified .RDP connection file for editing.

/restrictedAdmin -- Connects you to the remote PC in Restricted Administration mode. In this mode, credentials won't be sent to the remote PC, which can protect you if you connect to a PC that has been compromised. However, connections made from the remote PC might not be authenticated by other PCs, which might impact application functionality and compatibility. This parameter implies /admin.

/remoteGuard -- Connects your device to a remote device using Remote Guard. Remote Guard prevents credentials from being sent to the remote PC, which can help protect your credentials if you connect to a remote PC that has been compromised. Unlike Restricted Administration mode, Remote Guard also supports connections made from the remote PC by redirecting all requests back to your device.

/prompt -- Prompts you for your credentials when you connect to the remote PC.

/shadow: -- Specifies the ID of the session to shadow.

/control -- Allows control of the session when shadowing.

/noConsentPrompt -- Allows shadowing without user consent.

[OK]

–jeroen

Posted in Batch-Files, Development, Power User, Remote Desktop Protocol/MSTSC/Terminal Services, Scripting, Software Development, Windows | Leave a Comment »

Windows: get CPU information on the console

Posted by jpluimers on 2021/12/28

It still seems that WMIC is the quickest way to get CPU information on the console:

T510-PSO C:\bin\rdp> wmic cpu get name,CurrentClockSpeed,MaxClockSpeed
CurrentClockSpeed  MaxClockSpeed  Name
2667               2667           Intel(R) Core(TM) i5 CPU       M 560  @ 2.67GHz

T510-PSO C:\bin\rdp> wmic path win32_Processor get Name,NumberOfCores,NumberOfLogicalProcessors
Name                                             NumberOfCores  NumberOfLogicalProcessors
Intel(R) Core(TM) i5 CPU       M 560  @ 2.67GHz  2              4

Actually, wmic cpu is shorthand for wmic path win32_Processor, so this works fine:

T510-PSO C:\bin\rdp> wmic cpu get name,CurrentClockSpeed,MaxClockSpeed,NumberOfCores,NumberOfLogicalProcessors
CurrentClockSpeed  MaxClockSpeed  Name                                             NumberOfCores  NumberOfLogicalProcessors
2667               2667           Intel(R) Core(TM) i5 CPU       M 560  @ 2.67GHz  2              4

The reason is that cpu is an alias:

T510-PSO C:\bin\rdp> wmic alias cpu list brief
FriendlyName  PWhere              Target
CPU           Where DeviceID='#'  Select * from WIN32_PROCESSOR

Via:

–jeroen

Posted in Batch-Files, Console (command prompt window), Development, Power User, Scripting, Software Development, T510, ThinkPad, Windows | Leave a Comment »

« Previous Entries
Next Entries »