How to Create Elevated App Shortcut without UAC Prompt in Windows 10

When you open an application file with Run as administrator, you will get a UAC prompt for approval before the app is allowed to run with elevated rights.

In addition, Windows will not allow elevated apps to run at startup by default.

If you want to run an app as administrator (elevated) without getting a UAC prompt, or at startup, you can create an elevated task to run the application as a workaround.

This tutorial will show you how to create a shortcut of an elevated task to run an app as administrator without getting a UAC prompt in Windows 10.


.psd1 files

.psd1 files are usually used as module manifests.

You can test the manifest:

PS>  Test-ModuleManifest -Path 'C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1' | fl

Name              : Pester
Path              : C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1
Description       : Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the  functionality of any command inside of a piece of powershell code being tested. Pester tests can execute any command or script that is accesible to a pester test file. This can include functions, Cmdlets,  Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system.
ModuleType        : Script
Version           : 3.4.0
NestedModules     : {}
ExportedFunctions : {Describe, Context, It, Should…}
ExportedCmdlets   :
ExportedVariables : {Path, TagFilter, ExcludeTagFilter, TestNameFilter…}
ExportedAliases   :

 

Or you can view the whole output:

 

PS>  Test-ModuleManifest -Path 'C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1' | fl *

LogPipelineExecutionDetails : False
Name                        : Pester
Path                        : C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1
ImplementingAssembly        :
Definition                  :
Description       : Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the  functionality of any command inside of a piece of powershell code being tested. Pester tests can execute any command or script that is accesible to a pester test file. This can include functions, Cmdlets,  Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system.
Guid                        : a699dea5-2c73-4616-a270-1f7abb777e71
HelpInfoUri                 :
ModuleBase                  : C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0
PrivateData                 : {PSData}
Tags                        : {powershell, unit testing, bdd, tdd…}
ProjectUri                  : https://github.com/Pester/Pester
IconUri                     : http://pesterbdd.com/images/Pester.png
LicenseUri                  : http://www.apache.org/licenses/LICENSE-2.0.html
ReleaseNotes                :
RepositorySourceLocation    :
Version                     : 3.4.0
ModuleType                  : Script
Author                      : Pester Team
AccessMode                  : ReadWrite
ClrVersion                  :
CompanyName                 : Pester
Copyright                   : Copyright (c) 2016 by Pester Team, licensed under Apache 2.0 License.
DotNetFrameworkVersion      :
ExportedFunctions           : {[Describe, Describe], [Context, Context], [It, It], [Should, Should]…}
Prefix                      :
ExportedCmdlets             : {}
ExportedCommands            : {[Describe, Describe], [Context, Context], [It, It], [Should, Should]…}
FileList                    : {}
CompatiblePSEditions        : {}
ModuleList                  : {}
NestedModules               : {}
PowerShellHostName          :
PowerShellHostVersion       :
PowerShellVersion           : 2.0
ProcessorArchitecture       : None
Scripts                     : {}
RequiredAssemblies          : {}
RequiredModules             : {}
RootModule                  : Pester.psm1
ExportedVariables           : {[Path, ], [TagFilter, ], [ExcludeTagFilter, ], [TestNameFilter, ]…}
ExportedAliases             : {}
ExportedWorkflows           : {}
ExportedDscResources        : {}
SessionState                :
OnRemove                    :
ExportedFormatFiles         : {}
ExportedTypeFiles           : {}

 

You can also import the contents of the .psd1 file:

PS>  Import-PowerShellDataFile -Path 'C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1'

Name                           Value
----                           -----
Copyright                      Copyright (c) 2016 by Pester Team, licensed under Apache 2.0 License.                          
ModuleToProcess                Pester.psm1                                                                                    
PrivateData                    {PSData}                                                                                       
PowerShellVersion              2.0                                                                                            
CompanyName                    Pester                                                                                         
GUID                           a699dea5-2c73-4616-a270-1f7abb777e71                                                           
Author                         Pester Team                                                                                    
FunctionsToExport              {Describe, Context, It, Should…}                                                             
VariablesToExport              {Path, TagFilter, ExcludeTagFilter, TestNameFilter…}                                         
Description                    Pester provides a framework for running BDD style Tests to execute and validate PowerShell co…
ModuleVersion                  3.4.0 

 

which in some ways is more useful, as you can easily see what is actually in the manifest rather than dealing with a lot of empty properties.

 

You can create .psd1 files to hold other data and read them with Import-PowerShellDataFile. Default parameters for your favourite cmdlets are one thing that comes to mind.
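The default-parameters idea above, as an added example that is not part of the original post: it writes a data file, loads it with Import-PowerShellDataFile and applies it to $PSDefaultParameterValues, then shows that a file containing a command is rejected rather than run. The file names and the chosen defaults are assumptions for illustration.

```powershell
# Added example; file names and the chosen defaults are assumptions for illustration.
$dataFile = Join-Path $env:TEMP 'CmdletDefaults.psd1'

# A data file is one hashtable literal. Keys use the 'Cmdlet:Parameter' form
# that $PSDefaultParameterValues expects.
@'
@{
    'Export-Csv:NoTypeInformation' = $true
    'Format-Table:AutoSize'        = $true
    'Get-ChildItem:Force'          = $true
}
'@ | Set-Content -Path $dataFile -Encoding UTF8

# Import-PowerShellDataFile parses the hashtable as data; it does not run it as script.
$defaults = Import-PowerShellDataFile -Path $dataFile
foreach ($key in $defaults.Keys) {
    $PSDefaultParameterValues[$key] = $defaults[$key]
}
$PSDefaultParameterValues

# Constructed counter-case: a value that needs a command to run is not plain data,
# so the import fails instead of executing Get-Date.
$unsafeFile = Join-Path $env:TEMP 'NotJustData.psd1'
'@{ Stamp = (Get-Date) }' | Set-Content -Path $unsafeFile -Encoding UTF8
try {
    Import-PowerShellDataFile -Path $unsafeFile -ErrorAction Stop | Out-Null
    'Loaded (unexpected)'
}
catch {
    "Rejected: $($_.Exception.Message)"
}

# Clean up the two temporary files.
Remove-Item -Path $dataFile, $unsafeFile
```

Dot-sourcing a .ps1 file or passing the same text to Invoke-Expression would execute whatever the file contains, which is why a .psd1 read this way is the safer home for settings that other people can edit.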

Internet – World wide web now 10,000 days old

The internet is now 27 1/3 years old, and a special celebration of this great resource was noted for today.

https://www.thunderclap.it/projects/44954-10-000-days-of-the-web

Come July 28th, the web will be 10k days old! The web is still in its infancy but through its public release, there has been a tremendous impact on lives around the world. You can get a degree online; order medicine; learn to cook pizza; get real-time news from around the globe; etc.   We want 10,000 people to celebrate the 10,000th day of the Web. Join us on Twitter for a walk down memory lane as we highlight our favorite days out of the past 10,000

Background: On March 12, 1989 Tim Berners-Lee submitted a proposal for a distributed information system at CERN that later became what we know now as the World Wide Web. That makes this Thursday, July 28, the 10,000th day. Until then, we’re partying like it’s day 9,999.

Get-ComputerInfo

One of the new items in PowerShell 5.1 is the Get-ComputerInfo cmdlet

PS>  Get-Command Get-ComputerInfo -Syntax

Get-ComputerInfo [[-Property] <string[]>] [<CommonParameters>]

 

PS>  Get-ComputerInfo

WindowsBuildLabEx                                       : 14393.0.amd64fre.rs1_release.160715-1616
WindowsCurrentVersion                                   : 6.3
WindowsEditionId                                        : Professional
WindowsInstallationType                                 : Client
WindowsInstallDateFromRegistry                          : 19/07/2016 12:27:55
WindowsProductId                                        : XXXXXXXXXXXXXXXXXXXX
WindowsProductName                                      : Windows 10 Pro
WindowsRegisteredOrganization                           :
WindowsRegisteredOwner                                  : XXXXXXXXXXXXXXXXXXXX

WindowsSystemRoot                                       : C:\WINDOWS
BiosCharacteristics                                     : {7, 11, 12, 15…}
BiosBIOSVersion                                         : {OEMA – 1072009, 2.05.0250, American
                                                          Megatrends – 4028E}
BiosBuildNumber                                         :
BiosCaption                                             : 2.05.0250
BiosCodeSet                                             :
BiosCurrentLanguage                                     : en|US|iso8859-1
BiosDescription                                         : 2.05.0250
BiosEmbeddedControllerMajorVersion                      : 255
BiosEmbeddedControllerMinorVersion                      : 255
BiosFirmwareType                                        : Uefi
BiosIdentificationCode                                  :
BiosInstallableLanguages                                : 1
BiosInstallDate                                         :
BiosLanguageEdition                                     :
BiosListOfLanguages                                     : {en|US|iso8859-1}
BiosManufacturer                                        : American Megatrends Inc.
BiosName                                                : 2.05.0250
BiosOtherTargetOS                                       :
BiosPrimaryBIOS                                         : True
BiosReleaseDate                                         : 10/04/2015 01:00:00
BiosSeralNumber                                         : 036685734653
BiosSMBIOSBIOSVersion                                   : 2.05.0250
BiosSMBIOSMajorVersion                                  : 2
BiosSMBIOSMinorVersion                                  : 7
BiosSMBIOSPresent                                       : True
BiosSoftwareElementState                                : Running
BiosStatus                                              : OK
BiosSystemBiosMajorVersion                              : 2
BiosSystemBiosMinorVersion                              : 5
BiosTargetOperatingSystem                               : 0
BiosVersion                                             : OEMA – 1072009
CsAdminPasswordStatus                                   : Unknown
CsAutomaticManagedPagefile                              : True
CsAutomaticResetBootOption                              : True
CsAutomaticResetCapability                              : True
CsBootOptionOnLimit                                     :
CsBootOptionOnWatchDog                                  :
CsBootROMSupported                                      : True
CsBootStatus                                            : {0, 0, 0, 0…}
CsBootupState                                           : Normal boot
CsCaption                                               : RSSURFACEPRO2
CsChassisBootupState                                    : Safe
CsChassisSKUNumber                                      : Surface_Pro_2
CsCurrentTimeZone                                       : 60
CsDaylightInEffect                                      : True
CsDescription                                           : AT/AT COMPATIBLE
CsDNSHostName                                           : RSsurfacePro2
CsDomain                                                : WORKGROUP
CsDomainRole                                            : StandaloneWorkstation
CsEnableDaylightSavingsTime                             : True
CsFrontPanelResetStatus                                 : Unknown
CsHypervisorPresent                                     : False
CsInfraredSupported                                     : False
CsInitialLoadInfo                                       :
CsInstallDate                                           :
CsKeyboardPasswordStatus                                : Unknown
CsLastLoadInfo                                          :
CsManufacturer                                          : Microsoft Corporation
CsModel                                                 : Surface Pro 2
CsName                                                  : RSSURFACEPRO2
CsNetworkAdapters                                       : {USB Ethernet, WiFi, Bluetooth Network
                                                          Connection}
CsNetworkServerModeEnabled                              : True
CsNumberOfLogicalProcessors                             : 4
CsNumberOfProcessors                                    : 1
CsProcessors                                            : {Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz}
CsOEMStringArray                                        : {EU}
CsPartOfDomain                                          : False
CsPauseAfterReset                                       : -1
CsPCSystemType                                          : Mobile
CsPCSystemTypeEx                                        : Slate
CsPowerManagementCapabilities                           :
CsPowerManagementSupported                              :
CsPowerOnPasswordStatus                                 : Unknown
CsPowerState                                            : Unknown
CsPowerSupplyState                                      : Safe
CsPrimaryOwnerContact                                   :
CsPrimaryOwnerName                                      : XXXXXXXXXXXXXXXXXXXX
CsResetCapability                                       : Other
CsResetCount                                            : -1
CsResetLimit                                            : -1
CsRoles                                                 : {LM_Workstation, LM_Server, NT,
                                                          Potential_Browser…}
CsStatus                                                : OK
CsSupportContactDescription                             :
CsSystemFamily                                          : Surface
CsSystemSKUNumber                                       : Surface_Pro_2
CsSystemType                                            : x64-based PC
CsThermalState                                          : Safe
CsTotalPhysicalMemory                                   : 8506093568
CsPhyicallyInstalledMemory                              : 8388608
CsUserName                                              : RSsurfacePro2\Richard
CsWakeUpType                                            : PowerSwitch
CsWorkgroup                                             : WORKGROUP
OsName                                                  : Microsoft Windows 10 Pro
OsType                                                  : WINNT
OsOperatingSystemSKU                                    : 48
OsVersion                                               : 10.0.14393
OsCSDVersion                                            :
OsBuildNumber                                           : 14393
OsHotFixes                                              : {KB3176927}
OsBootDevice                                            : \Device\HarddiskVolume2
OsSystemDevice                                          : \Device\HarddiskVolume4
OsSystemDirectory                                       : C:\WINDOWS\system32
OsSystemDrive                                           : C:
OsWindowsDirectory                                      : C:\WINDOWS
OsCountryCode                                           : 44
OsCurrentTimeZone                                       : 60
OsLocaleID                                              : 0809
OsLocale                                                : en-GB
OsLocalDateTime                                         : 28/07/2016 14:30:32
OsLastBootUpTime                                        : 27/07/2016 09:02:45
OsUptime                                                : 1.05:27:47.0631253
OsBuildType                                             : Multiprocessor Free
OsCodeSet                                               : 1252
OsDataExecutionPreventionAvailable                      : True
OsDataExecutionPrevention32BitApplications              : True
OsDataExecutionPreventionDrivers                        : True
OsDataExecutionPreventionSupportPolicy                  : OptIn
OsDebug                                                 : False
OsDistributed                                           : False
OsEncryptionLevel                                       : 256
OsForegroundApplicationBoost                            : Maximum
OsTotalVisibleMemorySize                                : 8306732
OsFreePhysicalMemory                                    : 5530384
OsTotalVirtualMemorySize                                : 9617452
OsFreeVirtualMemory                                     : 6525292
OsInUseVirtualMemory                                    : 3092160
OsTotalSwapSpaceSize                                    :
OsSizeStoredInPagingFiles                               : 1310720
OsFreeSpaceInPagingFiles                                : 1274160
OsPagingFiles                                           : {C:\pagefile.sys}
OsHardwareAbstractionLayer                              : 10.0.14393.0
OsInstallDate                                           : 19/07/2016 13:27:55
OsManufacturer                                          : Microsoft Corporation
OsMaxNumberOfProcesses                                  : 4294967295
OsMaxProcessMemorySize                                  : 137438953344
OsMuiLanguages                                          : {en-GB}
OsNumberOfLicensedUsers                                 :
OsNumberOfProcesses                                     : 77
OsNumberOfUsers                                         : 2
OsOrganization                                          :
OsArchitecture                                          : 64-bit
OsLanguage                                              : en-GB
OsProductSuites                                         : {TerminalServicesSingleSession}
OsOtherTypeDescription                                  :
OsPAEEnabled                                            :
OsPortableOperatingSystem                               : False
OsPrimary                                               : True
OsProductType                                           : WorkStation
OsRegisteredUser                                        : XXXXXXXXXXXXXXXXXXXX
OsSerialNumber                                          : 00330-80000-00000-AA844
OsServicePackMajorVersion                               : 0
OsServicePackMinorVersion                               : 0
OsStatus                                                : OK
OsSuites                                                : {TerminalServices,
                                                          TerminalServicesSingleSession}
OsServerLevel                                           :
KeyboardLayout                                          : en-GB
TimeZone                                                : (UTC+00:00) Dublin, Edinburgh, Lisbon,
                                                          London
LogonServer                                             : \\RSSURFACEPRO2
PowerPlatformRole                                       : Slate
HyperVisorPresent                                       : False
HyperVRequirementDataExecutionPreventionAvailable       : True
HyperVRequirementSecondLevelAddressTranslation          : True
HyperVRequirementVirtualizationFirmwareEnabled          : True
HyperVRequirementVMMonitorModeExtensions                : True
DeviceGuardSmartStatus                                  : Off
DeviceGuardRequiredSecurityProperties                   :
DeviceGuardAvailableSecurityProperties                  :
DeviceGuardSecurityServicesConfigured                   :
DeviceGuardSecurityServicesRunning                      :
DeviceGuardCodeIntegrityPolicyEnforcementStatus         :
DeviceGuardUserModeCodeIntegrityPolicyEnforcementStatus :

 

You can use the -Property parameter to restrict output:

PS>  Get-ComputerInfo -Property OsArchitecture, OsUptime

OsArchitecture OsUptime
-------------- --------
64-bit         1.05:34:53.9424271

 

Wild cards are allowed so this works and lists all properties starting with OS

Get-ComputerInfo -Property Os*

 

Looking at the output, it seems to be a collection of properties from a number of CIM classes. Might be fun to track down what comes from where one rainy day.
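One way to start tracking down what comes from where, as an added example that is not part of the original post: it strips the Bios, Cs and Os prefixes from the Get-ComputerInfo property names and checks whether a property of that name exists on a candidate CIM class. The prefix-to-class mapping is an assumption made for this example, not something the cmdlet documents in its output.

```powershell
# Added example. The prefix-to-class mapping below is an assumption to be tested,
# not a documented contract of Get-ComputerInfo.
$candidates = [ordered]@{
    Bios = 'Win32_BIOS'
    Cs   = 'Win32_ComputerSystem'
    Os   = 'Win32_OperatingSystem'
}

$info = Get-ComputerInfo

$report = foreach ($prefix in $candidates.Keys) {
    $className = $candidates[$prefix]

    # Property names declared on the candidate class (default namespace root/cimv2).
    $cimNames = (Get-CimClass -ClassName $className).CimClassProperties.Name

    # Every Get-ComputerInfo property that starts with this prefix.
    foreach ($prop in ($info.PSObject.Properties.Name -like "$prefix*")) {
        $bare = $prop.Substring($prefix.Length)
        [pscustomobject]@{
            ComputerInfoProperty = $prop
            CandidateClass       = $className
            CimProperty          = if ($cimNames -contains $bare) { $bare } else { $null }
        }
    }
}

# Properties that line up with a CIM class property of the same name.
$report | Where-Object { $_.CimProperty } | Format-Table -AutoSize

# Properties with no same-named CIM property: renamed, computed, or from another source.
$report | Where-Object { -not $_.CimProperty } |
    Select-Object ComputerInfoProperty, CandidateClass |
    Format-Table -AutoSize
```

The unmatched list is the interesting part of an inventory review: the Windows*, HyperV* and DeviceGuard* properties have no prefix in the mapping at all and need a different source to be traced.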

PowerShell 5.1 preview

Windows 10 shipped with PowerShell 5.0 installed. The latest preview builds, and presumably next month's anniversary update, have PowerShell 5.1. Windows 2016 TP5 also ships with PowerShell 5.1.

A PowerShell 5.1 preview is now available for Windows 7, 8.1, 2008 R2, 2012 and 2012 R2

Details from

https://blogs.msdn.microsoft.com/powershell/2016/07/16/announcing-windows-management-framework-wmf-5-1-preview/

LastPass Zero Day Bug … Don’t Panic!

Same advice as on the cover of the “Hitchhiker’s Guide to the Galaxy”!

Not really a “Zero Day” bug. Just a proof of concept. Be sure to apply the patch when they come up with it.

LastPass password manager “zero-day” bug hits the news

Removal instructions for Product Key

What is Product Key?

The Malwarebytes research team has determined that Product Key is a Tech Support Scam. These so-called “Tech Support Scammers” try to trick you into calling their phone number for various reasons, all of which turn out to be fraudulent in the end.
This particular one uses the Winlogon-Shell registry value to lock up the victim’s system.

https://forums.malwarebytes.org/topic/186299-removal-instructions-for-product-key/

How to Restore Default Services in Windows 10

A service is an application type that runs in the system background without a user interface and is similar to a UNIX daemon process. Services provide core operating system features, such as Web serving, event logging, file serving, printing, cryptography, and error reporting.

This tutorial provides you with registry downloads that will completely restore any of the default services and their settings in Windows 10. This can be handy if a service was deleted by mistake, is missing, or had its properties set improperly.


Windows 10 – Countdown clock for WIN7 and WIN8 users

This link shares the exact time at which the free upgrade offer expires for WIN7 or WIN8 users to upgrade to WIN10 free of charge (about 2 days from now).

https://www.microsoft.com/en-us/WindowsForBusiness/buy

 

 

Latest leap second plan poses a dilemma for conscientious sysadmins

Bet you didn’t know that every year or so, an extra “leap second” is added to UTC time… Me neither…  🙂

Latest leap second plan poses a dilemma for conscientious sysadmins

The Sundown exploit kit delivers a Zeus Panda variant that targets UK banks

Spybot Search & Destroy Weekly Update – July 27, 2016

2016-07-27
Adware
++ Ad.Clicky ++ Ad.DiVapton ++ Ad.Fralimbo ++ Ad.IESuper + Ad.QvodPlayer + Firseria + Install.DomaIQ
Keylogger
+ Win32.ActiveKeyLogger
PUPS
+ PU.MultiInst
Spyware
+ Marketscore.RelevantKnowledge
Total: 2620542 fingerprints in 831680 rules for 7684 products.

»www.safer-networking.org ··· updates/

SQL Server 2016 Cumulative Update 1

Microsoft has released the Cumulative Update 1 for SQL Server 2016 (RTM):

The following picture shows you the areas where bugs are fixed:

[Image: SQL Server 2016 CU1]

Enjoy!

Removal instructions for VMC Media Player TSS

What is VMC Media Player TSS?

The Malwarebytes research team has determined that VMC Media Player TSS is a Tech Support Scam. These so-called “Tech Support Scammers” try to trick you into calling their phone number for various reasons, all of which turn out to be fraudulent in the end.
This particular one uses the Winlogon-Shell registry value to lock up the victim’s system.

https://forums.malwarebytes.org/topic/186250-removal-instructions-for-vmc-media-player-tss/
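Both removal notes on this page (Product Key and VMC Media Player TSS) name the Winlogon Shell registry value as the lock-up mechanism. The check below is an added example, not taken from the Malwarebytes instructions: it reads the Shell value under the machine hive and every loaded user hive and flags anything other than the Windows default. Treating explorer.exe as the only expected value is an assumption that fits a standard desktop install, not kiosk or custom-shell builds.

```powershell
# Added example. Assumes a standard desktop where the shell is explorer.exe;
# kiosk and custom-shell builds legitimately differ.
$expected = 'explorer.exe'
$subKey   = 'Software\Microsoft\Windows NT\CurrentVersion\Winlogon'

# Machine-wide key plus every user hive that is currently loaded.
$roots = @('Registry::HKEY_LOCAL_MACHINE')
$roots += Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -notlike '*_Classes' } |
    ForEach-Object { "Registry::$($_.Name)" }

$findings = foreach ($root in $roots) {
    $path  = "$root\$subKey"
    $shell = (Get-ItemProperty -Path $path -Name Shell -ErrorAction SilentlyContinue).Shell

    # A missing value under a user hive is normal: there is no per-user override.
    if ($null -eq $shell) { continue }

    [pscustomobject]@{
        Key       = $path
        Shell     = $shell
        IsDefault = ($shell.Trim() -ieq $expected)
    }
}

# Show everything that was found, then only the entries that need a closer look.
$findings | Format-Table -AutoSize -Wrap
$findings | Where-Object { -not $_.IsDefault } |
    ForEach-Object { Write-Warning "Non-default Winlogon shell in $($_.Key): $($_.Shell)" }
```

A per-user Shell value is worth attention even when it points at a legitimate-looking program, because a user-level write is enough to set it.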

Microsoft Security Bulletin Minor Revisions Issued: July 26, 2016

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-058

Bulletin Information:

MS16-058

– Title: Security Update for Windows IIS (3141083)
– »technet.microsoft.com/li ··· 058.aspx
– Reason for Revision: V1.1 (July 26, 2016): Bulletin revised to
add Updates Replaced information to all entries in the Affected
Software table. This is an informational change only. Customers
who have already successfully installed the updates do not need
to take any action.
– Originally posted: May 10, 2016
– Updated: July 26, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

Microsoft® Windows Insider MVP
Microsoft® Consumer Security MVP, 2004 – 2016
DP’s Security Bits

How to Turn On or Off Align Desktop Icons to Grid in Windows 10

The desktop is the main screen area that you see after you turn on your PC and sign in to Windows. Like the top of an actual desk, it serves as a surface for your work. When you open programs or folders, they appear on the desktop. You can also put items on the desktop, such as files, folders, and shortcuts, and arrange them however you want.

If you turn on Align icons to grid, your desktop icons will automatically be snapped into place as designated by an invisible grid on your screen. The grid keeps the icons aligned with each other to prevent them from overlapping.

If you turn off Align icons to grid, your desktop icons will no longer be snapped into place by grid.

This tutorial will show you how to turn on or off align desktop icons to grid for your account in Windows 10.


How to Turn On or Off Auto Arrange Desktop Icons in Windows 10

The desktop is the main screen area that you see after you turn on your PC and sign in to Windows. Like the top of an actual desk, it serves as a surface for your work. When you open programs or folders, they appear on the desktop. You can also put items on the desktop, such as files, folders, and shortcuts, and arrange them however you want.

If you turn on Auto arrange icons, your desktop icons will automatically be arranged in columns along the left side of your screen.

If you turn off Auto arrange icons, you can arrange your desktop icons how and where you like on the desktop.

This tutorial will show you how to turn on or off auto arrange desktop icons for your account in Windows 10.


Firefox will begin blocking Flash

Good news on the “Flash must die” campaign. Firefox will begin blocking Flash on select sites starting next month and altogether in 2017.

Can’t come too soon for me and many others.

Firefox sets kill-Flash schedule

Removal instructions for Genieo

What is Genieo?

The Malwarebytes research team has determined that Genieo is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/topic/186211-removal-instructions-for-genieo/

Side-by-side comparisons of the CrypMIC and CryptXXX Ransomware Infections
