Posted by jpluimers on 2022/03/03
Quite an OK guide on how to backup and restore on Windows 10 (since so much has changed since Windows 7, and some Windows 7 stuff is still there but has moved)
[Wayback] How to make a full backup of your Windows 10 PC | Windows Central
In this guide, we’ll show you the steps to create a full backup of your computer, which includes everything from settings, apps, to files using the System Image Backup tool on Windows 10.
–jeroen
Posted in Power User, Windows, Windows 10, Windows 7 | Leave a Comment »
Posted by jpluimers on 2022/03/01
Somehow after cloning a Windows 10 disk to SSD, the regular partition worked fine, but the recovery partition (sometimes called WinRE: short for Windows Recovery Environment or Windows RE) didn’t.
In short, I only had to perform two actions to get this fixed, both from the Administrator elevated command prompt:
7 to 27 (this is for an MBR disk; for GPT disks, these values are different, see the first link below). I did this using diskpart.reagentc /info to check if it was disabled, then reagentc /enable (if it wasn’t disabled first, I had to precede it with reagentc /enable).Before this, bcdedit /enum would only return the
Windows Boot Loaderentry for the C: drive, but had norecoverysequenceand now it had.
Since there are cases where much more action is needed, here are some links for just when I run into more complicated situations:
Posted in Power User, Windows, Windows 10 | Leave a Comment »
Posted by jpluimers on 2022/03/01
I bumped into an old draft on notes on NTFS boot issues.
A while ago, I wanted to boot in the Windows 10 “Safe Mode” console, but the F8 option during the boot process was gone.
So I wondered how to get there. There seem to be a few ways, of which almost all require a functioning Windows installation. When you have one, it is relatively easy, as these options will work as summarised from [Wayback] How to open the Windows 10 recovery console:
Shift key when choosing “Reboot” in the user interface. There are various ways to get to the “Power” button:
Ctrl–Alt–Delshutdown.exe /r /oshutdown.exe /r /o /t 0There is also a possibility to restore the F8 functionality, but you need installation media for it. [Wayback] 3 ways to boot into Safe Mode on Windows 10 version 21H1 explains how to.
(Note that for some of the links, only the [Wayback] ones work: link-rot of the links I saved 6 years ago)
–jeroen
Posted in Internet, link rot, Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, WWW - the World Wide Web of information | Leave a Comment »
Posted by jpluimers on 2022/02/25
When downloading Windows 10 builds, I usually want them as ISO files because I test them out as Virtual Machines before running on real hardware.
Downloading can be done from [WayBack] www.microsoft.com/en-us/software-download/windows10, however what you get depends on what machine you start browsing.
The above WayBack link, because it got archived from a non-Windows machine redirects from https://web.archive.org/web/20210321163339/https://www.microsoft.com/en-us/software-download/windows10 to https://web.archive.org/web/20210321143203/https://www.microsoft.com/en-us/software-download/windows10ISO.
On Windows systems the redirect goes from https://web.archive.org/web/20210321143203/https://www.microsoft.com/en-us/software-download/windows10ISO to https://web.archive.org/web/20210321163339/https://www.microsoft.com/en-us/software-download/windows10
By default, when you are on a Windows machine, the download link only provides the Media Creation tool. This forces an extra step into getting the ISO file on the virtual machine host.
When downloading from a non-Windows machine, you get a possibility to download the ISO file directly after selecting which kind of build and language you need. This provides you with a time limited https link to download the ISO (in practice this seems to last at least an hour).
I didn’t dig into this before, but luckily others did, and the difference is as easy as changing the User-Agent in your browser, as these posts describe:
Luckily, since ESXi 6.7, VMware ESXi added https as protocol to wget, so now you can download the https link you get via the above trick without hassle.
Oh, this answers my question from a few years back too: How can I get Win10_1511_1_English_x64.iso or Win10_1511_1_EnglishInternational_x64.iso ?
Posted in Chrome, ESXi6.7, Power User, Virtualization, VMware, VMware ESXi, Web Browsers, Windows, Windows 10 | Leave a Comment »
Posted by jpluimers on 2022/02/18
A while ago I needed to quickly rename a Windows 10 machine, but again they moved around the way to get into the right dialog (each new Windows 10 release more options seem to move around from the classic Control Panel or Computer Properties into hard to memorise places).
So I was glad to find out that either of these work from the command-line:
sysdm.cpl,1SystemPropertiesComputerNameI already was aware of editing the user environment variables through "C:\Windows\System32\rundll32.exe" sysdm.cpl,EditEnvironmentVariables
Glad changing the computer name was so easy.
From [Wayback] Easy Ways to Open System Properties in Windows 10 | Password Recovery, I learned there were more equivalence commands for the rest of the “System Properties” tabs:
sysdm.cpl,1SystemPropertiesComputerNamesysdm.cpl,2SystemPropertiesHardwaresysdm.cpl,3SystemPropertiesAdvancedsysdm.cpl,4SystemPropertiesProtectionsysdm.cpl,5SystemPropertiesRemoteSearching for [Wayback] “EditEnvironmentVariables” “SystemPropertiesComputerName” – Google Search, I found a truckload more of these command-line tricks at [Wayback] 运行(WIN+R)中能使用的命令:ms-settings:,shell:,cpl,mmc… – Bob-wei – 博客园.
–jeroen
Posted in Power User, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1 | Leave a Comment »
Posted by jpluimers on 2022/02/17
I wrote about Creating a bootable USB installer for ESXi and use it to create a bootable ESXi installation.
Just in case I ever need to do this on a non-Windows system, some links:
–jeroen
Posted in *nix, Apple, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Linux, Mac OS X / OS X / MacOS, Power User, Virtualization, VMware, VMware ESXi, Windows | Leave a Comment »
Posted by jpluimers on 2022/02/16
I use this small script to install or update [Wayback] Chocolatey package NirLauncher (which is the [Wayback] Nirsoft Launcher that has all the [Wayback] Nirsoft freeware tools in it).
powershell -Command Add-MpPreference -ExclusionPath "%TEMP%\chocolatey\NuGetScratch" choco update --yes NirLauncher powershell -Command Remove-MpPreference -ExclusionPath "%TEMP%\chocolatey\NuGetScratch"
It works around the issue that many times NirLauncher is marked by anti-virus tools or/and listed on VirusTotal, which means you get an error like this:
NirLauncher not installed. An error occurred during installation: Operation did not complete successfully because the file contains a virus or potentially unwanted software.
followed by
Chocolatey upgraded 0/1 packages. 1 packages failed. See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).
I wrote about this error before Need to research: Nirlauncher v1.23.42 to 1.23.43 upgrade through Chocolatey fails with “Operation did not complete successfully because the file contains a virus or potentially unwanted software.”, and this post is explaining how I got to the above workaround.
Context: I was running Windows Defender (now officially called Microsoft Defender, but most people still use the old name), which is a good baseline anti-virus tool that is included with Windows.
The offending location is not actually in the C:\ProgramData\chocolatey\logs\chocolatey.log file.
I did a small search to see if one could list Windows Defender messages, and there was [Wayback] Use PowerShell to See What Windows Defender Detected | Scripting Blog explaining the Get-MpThreatDetection available since around Windows 8.x.
This little command got what I wanted:
C:\temp>PowerShell Get-MpThreatDetection ^| Format-List ^| Out-String -Width 4096 | findstr /I "nir" Resources : {file:_C:\Users\jeroenp\AppData\Local\Temp\chocolatey\NuGetScratch\a78a5776-0fdd-48c0-8313-9b0107f54cba\hy3odwgw.1dc\tools\nirsoft_package_1.23.44.zip}
A few tricks I used here:
^| allows pipes to run within PowerShell itself (instead of the cmd wrapper)Out-String -Width 4096 makes for a really wide output (so Format-List does not wrap around any lines; I mentioned that trick before in PowerShell: when Format-Table -AutoSize displays only 10 columns and uses the width of the console when redirecting to file)| findstr /I "nir" uses the cmd wrapper pipe through the old findstr command from the DOS era that allows to filter output (I tried Select-String, but that failed – despite tricks mentioned in [Wayback] piping Get-ChildItem into Select-String in powershell – Stack Overflow – likely because that is not text-oriented, but object oriented in nature)Searching for [Wayback] “chocolatey\NuGetScratch” – Google Search, I found out %Temp%\chocolatey\NuGetScratch is the default value for [Wayback] chocolatey cacheLocation – Google Search. I run default settings, so that is good enough for me.
I found [Wayback] Windows Defender – Add exclusion folder programmatically – Stack Overflow through [Wayback] “Windows Defender” exclusion from commandline – Google Search explaining these (thanks [Wayback] gavenkoa!):
Run in elevated shell (search
cmdin Start menu and hit Ctrl+Shift+Enter).powershell -Command Add-MpPreference -ExclusionPath "C:\tmp" powershell -Command Add-MpPreference -ExclusionProcess "java.exe" powershell -Command Add-MpPreference -ExclusionExtension ".java" powershell -Command Remove-MpPreference -ExclusionExtension ".java"
This was a short step to these documentation pages (note to self: figure out the origin of the Mp prefix)
Of course Windows Defender still marks individual tools as “unsafe” (for instance C:\tools\NirLauncher\NirSoft\mailpv.exe). To alleviate that, you have to permanently add this directory to the exclusion list: C:\tools\NirLauncher.
–jeroen
Posted in CommandLine, Development, NirSoft, Power User, PowerShell, Software Development, Windows | Leave a Comment »
Posted by jpluimers on 2022/01/31
Small cd-to-file.bat tip:
pushd %~dp1
–jeroen
Posted in Batch-Files, Power User, Scripting, Software Development, Windows | Leave a Comment »
Posted by jpluimers on 2022/01/18
Almost two years ago, GitHub – facebook/osquery: SQL powered operating system instrumentation, monitoring, and analytics published from the automatic blog queue.
It was in the midst of my rectum cancer treatment, so I was glad the blog queue back then was still about 18 months deep.
This meant I looked into osquery in 2018, which I remember because I needed it on MacOS as I did not want to remember the syntax for MacOS specific commands on getting system information. It also coincides with how much my repository fork was behind: [Wayback: jpluimers/osquery commits/Archive: jpluimers/osquery commits].
Fast forward to now, the breath of systems I’m involved with has widened, so I was glad to see that Kristian Köhntopp mentioned it:
So time to try it again (:
The links he mentioned:
osqueryis an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.
The high-performance and low-footprint distributed host monitoring daemon,osqueryd, allows you to schedule queries to be executed across your entire infrastructure. The daemon takes care of aggregating the query results over time and generates logs which indicate state changes in your infrastructure. You can use this to maintain insight into the security, performance, configuration, and state of your entire infrastructure.osqueryd‘s logging can integrate into your internal log aggregation pipeline, regardless of your technology stack, via a robust plugin architecture.The interactive query console,osqueryi, gives you a SQL interface to try out new queries and explore your operating system. With the power of a complete SQL language and dozens of useful tables built-in,osqueryiis an invaluable tool when performing incident response, diagnosing a systems operations problem, troubleshooting a performance issue, etc.
Main site: [Wayback/Archive] osquery | Easily ask questions about your Linux, Windows, and macOS infrastructure
Repository: [Wayback/Archive] osquery/osquery: SQL powered operating system instrumentation, monitoring, and analytics.
–jeroen
Posted in *nix, *nix-tools, Apple, Development, DevOps, Facebook, Infrastructure, Mac, Mac OS X / OS X / MacOS, Power User, SocialMedia, Software Development, Windows | Leave a Comment »
Posted by jpluimers on 2022/01/17
[Wayback] A Redditor visits the iconic Windows XP “Bliss” hill in Microsoft Flight Simulator and recaptures the magic – NotebookCheck.net News
XP:
2020:
Via: (note the wrong Windows version) [Archive.is] Stonehead on Twitter: “Zo ziet het Windows 95-bureaublad er tegenwoordig uit trouwens. Klimaatverandering is overal… “
–jeroen
Posted in History, Power User, Windows, Windows XP | Leave a Comment »
The Wiert Corner - irregular stream of stuff 