How to Enable or Disable Microsoft Edge Extensions in Windows 10

Microsoft Edge is a new web browser added in Windows 10, and will be available across the Windows 10 device family. It is fast, compatible, and built for the modern Web.

Personalize and add new features to Microsoft Edge with extensions. Starting with Windows 10 Insider Preview Build 14291, a selection of extensions is now available for Microsoft Edge on the PC.

This tutorial will show you how to enable or disable the usage of extensions in Microsoft Edge for all users in Windows 10.


Windows 10 – Last day of eligibility for free upgrade

http://www.wired.com/2016/07/windows-10-free-upgrade-ends/

But tonight (or very early tomorrow morning, depending on your time zone), jumping from Windows Old to Windows 10 will no longer be complimentary. Instead, the Home version will cost you $120, while Windows 10 Pro will set you back $200. Since free is generally preferable to not free, most people should take the jump. In case you still have questions, though, here are a few answers.

Can I Upgrade? – This is the big one. First of all, make sure you’re even eligible; the free upgrade offer applies to tablets and PCs running Windows 7 or newer

Should I Upgrade? — The short answer: Yes. The slightly longer answer: Definitely yes. It adds useful features like Cortana, Microsoft’s capable virtual assistant, Microsoft Edge, a new browser that puts anguished Internet Explorer memories far in the rear view, and smaller features that liven up the Windows experience.

When Exactly Is the Deadline? — Last call for free Windows 10 actually bleeds into the weekend here in the US; specifically, Saturday morning at 5:59am EDT/2:59am PDT. After that, you’ll have to bust out the credit card.

How Do I Upgrade? — First: Back up your system. It’s not mandatory, but it’s good upgrade hygiene. Next, head to this handy Windows 10 download page. Double-click the Windows 10 download client, click OK when it asks if you’ll allow it to make changes, and settle in while your PC guides you from there.

SysAdmin Day

Today is SysAdmin day – http://sysadminday.com/

 

Time to show your appreciation for the people who keep your computing going

Information about the AdGholas Malvertising Campaigns

Cite: https://www.proofpoint.com/us/threat-insight/post/massive-adgholas-malvertising-campaigns-use-steganography-and-file-whitelisting-to-hide-in-plain-sight

The checks that were made to identify infection candidates are especially interesting, going so far as to check for OEM branding.

Removal instructions for ScreenShot

What is ScreenShot?

The Malwarebytes research team has determined that ScreenShot is adware. These adware applications display advertisements not originating from the sites you are browsing.

https://forums.malwarebytes.org/topic/186340-removal-instructions-for-screenshot/

How to Create Elevated App Shortcut without UAC Prompt in Windows 10

When you open an application file with Run as administrator, you will get a UAC prompt for approval before the app is allowed to run with elevated rights.

In addition, Windows will not allow elevated apps to run at startup by default.

If you want to run an app as administrator (elevated) without getting a UAC prompt or at startup, then you can create an elevated task to run the application as a workaround to do so.

This tutorial will show you how to create a shortcut of an elevated task to run an app as administrator without getting a UAC prompt in Windows 10.


.psd1 files

.psd1 files are usually used as module manifests

You can test the manifest

PS>  Test-ModuleManifest -Path 'C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1' | fl

Name              : Pester
Path              : C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1
Description       : Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the  functionality of any command inside of a piece of powershell code being tested. Pester tests can execute any command or script that is accesible to a pester test file. This can include functions, Cmdlets,  Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system.
ModuleType        : Script
Version           : 3.4.0
NestedModules     : {}
ExportedFunctions : {Describe, Context, It, Should…}
ExportedCmdlets   :
ExportedVariables : {Path, TagFilter, ExcludeTagFilter, TestNameFilter…}
ExportedAliases   :

 

or you can view the whole output

PS>  Test-ModuleManifest -Path 'C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1' | fl *

LogPipelineExecutionDetails : False
Name                        : Pester
Path                        : C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1
ImplementingAssembly        :
Definition                  :
Description       : Pester provides a framework for running BDD style Tests to execute and validate PowerShell commands inside of PowerShell and offers a powerful set of Mocking Functions that allow tests to mimic and mock the  functionality of any command inside of a piece of powershell code being tested. Pester tests can execute any command or script that is accesible to a pester test file. This can include functions, Cmdlets,  Modules and scripts. Pester can be run in ad hoc style in a console or it can be integrated into the Build scripts of a Continuous Integration system.
Guid                        : a699dea5-2c73-4616-a270-1f7abb777e71
HelpInfoUri                 :
ModuleBase                  : C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0
PrivateData                 : {PSData}
Tags                        : {powershell, unit testing, bdd, tdd…}
ProjectUri                  : https://github.com/Pester/Pester
IconUri                     : http://pesterbdd.com/images/Pester.png
LicenseUri                  : http://www.apache.org/licenses/LICENSE-2.0.html
ReleaseNotes                :
RepositorySourceLocation    :
Version                     : 3.4.0
ModuleType                  : Script
Author                      : Pester Team
AccessMode                  : ReadWrite
ClrVersion                  :
CompanyName                 : Pester
Copyright                   : Copyright (c) 2016 by Pester Team, licensed under Apache 2.0 License.
DotNetFrameworkVersion      :
ExportedFunctions           : {[Describe, Describe], [Context, Context], [It, It], [Should, Should]…}
Prefix                      :
ExportedCmdlets             : {}
ExportedCommands            : {[Describe, Describe], [Context, Context], [It, It], [Should, Should]…}
FileList                    : {}
CompatiblePSEditions        : {}
ModuleList                  : {}
NestedModules               : {}
PowerShellHostName          :
PowerShellHostVersion       :
PowerShellVersion           : 2.0
ProcessorArchitecture       : None
Scripts                     : {}
RequiredAssemblies          : {}
RequiredModules             : {}
RootModule                  : Pester.psm1
ExportedVariables           : {[Path, ], [TagFilter, ], [ExcludeTagFilter, ], [TestNameFilter, ]…}
ExportedAliases             : {}
ExportedWorkflows           : {}
ExportedDscResources        : {}
SessionState                :
OnRemove                    :
ExportedFormatFiles         : {}
ExportedTypeFiles           : {}

 

You can also import the contents of the .psd1 file

PS>  Import-PowerShellDataFile -Path 'C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1'

Name                           Value
----                           -----
Copyright                      Copyright (c) 2016 by Pester Team, licensed under Apache 2.0 License.                          
ModuleToProcess                Pester.psm1                                                                                    
PrivateData                    {PSData}                                                                                       
PowerShellVersion              2.0                                                                                            
CompanyName                    Pester                                                                                         
GUID                           a699dea5-2c73-4616-a270-1f7abb777e71                                                           
Author                         Pester Team                                                                                    
FunctionsToExport              {Describe, Context, It, Should…}                                                             
VariablesToExport              {Path, TagFilter, ExcludeTagFilter, TestNameFilter…}                                         
Description                    Pester provides a framework for running BDD style Tests to execute and validate PowerShell co…
ModuleVersion                  3.4.0 

 

which in some ways is more useful, as you can easily see what is actually in the manifest rather than dealing with a lot of empty properties.

You can create .psd1 files to hold other data and read them with Import-PowerShellDataFile. Default parameters for your favourite cmdlets are one thing that comes to mind.
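
As an added example (not code from the original post): a defaults file read with Import-PowerShellDataFile and applied to $PSDefaultParameterValues. Import-PowerShellDataFile reads the hashtable as data without running it, so a file whose values contain command calls is rejected rather than executed. The file names, the sample entries and the Import-DefaultParameterFile helper are hypothetical.

```powershell
# Added example. File names, sample entries and the helper name are hypothetical.
$dir      = Join-Path ([System.IO.Path]::GetTempPath()) 'psd1-demo'
$null     = New-Item -ItemType Directory -Path $dir -Force
$goodFile = Join-Path $dir 'Defaults.psd1'
$badFile  = Join-Path $dir 'Tampered.psd1'

# Constructed data file: keys use the 'Cmdlet:Parameter' form that
# $PSDefaultParameterValues expects.
@'
@{
    'Get-ChildItem:Force'          = $true
    'Export-Csv:NoTypeInformation' = $true
    'Format-Table:AutoSize'        = $true
}
'@ | Set-Content -Path $goodFile -Encoding UTF8

# Constructed "tampered" file: the value is a command call, not plain data.
@'
@{
    'Get-ChildItem:Path' = (Get-Process | Select-Object -First 1).Path
}
'@ | Set-Content -Path $badFile -Encoding UTF8

function Import-DefaultParameterFile {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path
    )

    # The data file is parsed, never dot-sourced or passed to Invoke-Expression.
    try {
        $data = Import-PowerShellDataFile -Path $Path -ErrorAction Stop
    }
    catch {
        Write-Warning "Rejected '$Path': $($_.Exception.Message)"
        return $false
    }

    foreach ($key in $data.Keys) {
        # Only accept keys that name a real cmdlet and one of its parameters.
        $cmdlet, $parameter = $key -split ':', 2
        $command = Get-Command -Name $cmdlet -ErrorAction SilentlyContinue
        if (-not $parameter -or -not $command -or
            -not $command.Parameters.ContainsKey($parameter)) {
            Write-Warning "Skipped '$key': no such cmdlet/parameter on this system"
            continue
        }
        $global:PSDefaultParameterValues[$key] = $data[$key]
    }
    return $true
}

Import-DefaultParameterFile -Path $goodFile
Import-DefaultParameterFile -Path $badFile
$PSDefaultParameterValues
```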

Internet – World wide web now 10,000 days old

The internet is now 27 1/3 years old, and a special celebration of this great resource was noted for today.

https://www.thunderclap.it/projects/44954-10-000-days-of-the-web

Come July 28th, the web will be 10k days old! The web is still in its infancy but through its public release, there has been a tremendous impact on lives around the world. You can get a degree online; order medicine; learn to cook pizza; get real-time news from around the globe; etc.   We want 10,000 people to celebrate the 10,000th day of the Web. Join us on Twitter for a walk down memory lane as we highlight our favorite days out of the past 10,000

Background: On March 12, 1989 Tim Berners-Lee submitted a proposal for a distributed information system at CERN that later became what we know now as the World Wide Web. That makes this Thursday, July 28, the 10,000th day. Until then, we’re partying like it’s day 9,999.

Get-ComputerInfo

One of the new items in PowerShell 5.1 is the Get-ComputerInfo cmdlet

PS>  Get-Command Get-ComputerInfo -Syntax

Get-ComputerInfo [[-Property] <string[]>] [<CommonParameters>]

 

PS>  Get-ComputerInfo

WindowsBuildLabEx                                       : 14393.0.amd64fre.rs1_release.160715-1616
WindowsCurrentVersion                                   : 6.3
WindowsEditionId                                        : Professional
WindowsInstallationType                                 : Client
WindowsInstallDateFromRegistry                          : 19/07/2016 12:27:55
WindowsProductId                                        : XXXXXXXXXXXXXXXXXXXX
WindowsProductName                                      : Windows 10 Pro
WindowsRegisteredOrganization                           :
WindowsRegisteredOwner                                  : XXXXXXXXXXXXXXXXXXXX

WindowsSystemRoot                                       : C:\WINDOWS
BiosCharacteristics                                     : {7, 11, 12, 15…}
BiosBIOSVersion                                         : {OEMA – 1072009, 2.05.0250, American
                                                          Megatrends – 4028E}
BiosBuildNumber                                         :
BiosCaption                                             : 2.05.0250
BiosCodeSet                                             :
BiosCurrentLanguage                                     : en|US|iso8859-1
BiosDescription                                         : 2.05.0250
BiosEmbeddedControllerMajorVersion                      : 255
BiosEmbeddedControllerMinorVersion                      : 255
BiosFirmwareType                                        : Uefi
BiosIdentificationCode                                  :
BiosInstallableLanguages                                : 1
BiosInstallDate                                         :
BiosLanguageEdition                                     :
BiosListOfLanguages                                     : {en|US|iso8859-1}
BiosManufacturer                                        : American Megatrends Inc.
BiosName                                                : 2.05.0250
BiosOtherTargetOS                                       :
BiosPrimaryBIOS                                         : True
BiosReleaseDate                                         : 10/04/2015 01:00:00
BiosSeralNumber                                         : 036685734653
BiosSMBIOSBIOSVersion                                   : 2.05.0250
BiosSMBIOSMajorVersion                                  : 2
BiosSMBIOSMinorVersion                                  : 7
BiosSMBIOSPresent                                       : True
BiosSoftwareElementState                                : Running
BiosStatus                                              : OK
BiosSystemBiosMajorVersion                              : 2
BiosSystemBiosMinorVersion                              : 5
BiosTargetOperatingSystem                               : 0
BiosVersion                                             : OEMA – 1072009
CsAdminPasswordStatus                                   : Unknown
CsAutomaticManagedPagefile                              : True
CsAutomaticResetBootOption                              : True
CsAutomaticResetCapability                              : True
CsBootOptionOnLimit                                     :
CsBootOptionOnWatchDog                                  :
CsBootROMSupported                                      : True
CsBootStatus                                            : {0, 0, 0, 0…}
CsBootupState                                           : Normal boot
CsCaption                                               : RSSURFACEPRO2
CsChassisBootupState                                    : Safe
CsChassisSKUNumber                                      : Surface_Pro_2
CsCurrentTimeZone                                       : 60
CsDaylightInEffect                                      : True
CsDescription                                           : AT/AT COMPATIBLE
CsDNSHostName                                           : RSsurfacePro2
CsDomain                                                : WORKGROUP
CsDomainRole                                            : StandaloneWorkstation
CsEnableDaylightSavingsTime                             : True
CsFrontPanelResetStatus                                 : Unknown
CsHypervisorPresent                                     : False
CsInfraredSupported                                     : False
CsInitialLoadInfo                                       :
CsInstallDate                                           :
CsKeyboardPasswordStatus                                : Unknown
CsLastLoadInfo                                          :
CsManufacturer                                          : Microsoft Corporation
CsModel                                                 : Surface Pro 2
CsName                                                  : RSSURFACEPRO2
CsNetworkAdapters                                       : {USB Ethernet, WiFi, Bluetooth Network
                                                          Connection}
CsNetworkServerModeEnabled                              : True
CsNumberOfLogicalProcessors                             : 4
CsNumberOfProcessors                                    : 1
CsProcessors                                            : {Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz}
CsOEMStringArray                                        : {EU}
CsPartOfDomain                                          : False
CsPauseAfterReset                                       : -1
CsPCSystemType                                          : Mobile
CsPCSystemTypeEx                                        : Slate
CsPowerManagementCapabilities                           :
CsPowerManagementSupported                              :
CsPowerOnPasswordStatus                                 : Unknown
CsPowerState                                            : Unknown
CsPowerSupplyState                                      : Safe
CsPrimaryOwnerContact                                   :
CsPrimaryOwnerName                                      : XXXXXXXXXXXXXXXXXXXX
CsResetCapability                                       : Other
CsResetCount                                            : -1
CsResetLimit                                            : -1
CsRoles                                                 : {LM_Workstation, LM_Server, NT,
                                                          Potential_Browser…}
CsStatus                                                : OK
CsSupportContactDescription                             :
CsSystemFamily                                          : Surface
CsSystemSKUNumber                                       : Surface_Pro_2
CsSystemType                                            : x64-based PC
CsThermalState                                          : Safe
CsTotalPhysicalMemory                                   : 8506093568
CsPhyicallyInstalledMemory                              : 8388608
CsUserName                                              : RSsurfacePro2\Richard
CsWakeUpType                                            : PowerSwitch
CsWorkgroup                                             : WORKGROUP
OsName                                                  : Microsoft Windows 10 Pro
OsType                                                  : WINNT
OsOperatingSystemSKU                                    : 48
OsVersion                                               : 10.0.14393
OsCSDVersion                                            :
OsBuildNumber                                           : 14393
OsHotFixes                                              : {KB3176927}
OsBootDevice                                            : \Device\HarddiskVolume2
OsSystemDevice                                          : \Device\HarddiskVolume4
OsSystemDirectory                                       : C:\WINDOWS\system32
OsSystemDrive                                           : C:
OsWindowsDirectory                                      : C:\WINDOWS
OsCountryCode                                           : 44
OsCurrentTimeZone                                       : 60
OsLocaleID                                              : 0809
OsLocale                                                : en-GB
OsLocalDateTime                                         : 28/07/2016 14:30:32
OsLastBootUpTime                                        : 27/07/2016 09:02:45
OsUptime                                                : 1.05:27:47.0631253
OsBuildType                                             : Multiprocessor Free
OsCodeSet                                               : 1252
OsDataExecutionPreventionAvailable                      : True
OsDataExecutionPrevention32BitApplications              : True
OsDataExecutionPreventionDrivers                        : True
OsDataExecutionPreventionSupportPolicy                  : OptIn
OsDebug                                                 : False
OsDistributed                                           : False
OsEncryptionLevel                                       : 256
OsForegroundApplicationBoost                            : Maximum
OsTotalVisibleMemorySize                                : 8306732
OsFreePhysicalMemory                                    : 5530384
OsTotalVirtualMemorySize                                : 9617452
OsFreeVirtualMemory                                     : 6525292
OsInUseVirtualMemory                                    : 3092160
OsTotalSwapSpaceSize                                    :
OsSizeStoredInPagingFiles                               : 1310720
OsFreeSpaceInPagingFiles                                : 1274160
OsPagingFiles                                           : {C:\pagefile.sys}
OsHardwareAbstractionLayer                              : 10.0.14393.0
OsInstallDate                                           : 19/07/2016 13:27:55
OsManufacturer                                          : Microsoft Corporation
OsMaxNumberOfProcesses                                  : 4294967295
OsMaxProcessMemorySize                                  : 137438953344
OsMuiLanguages                                          : {en-GB}
OsNumberOfLicensedUsers                                 :
OsNumberOfProcesses                                     : 77
OsNumberOfUsers                                         : 2
OsOrganization                                          :
OsArchitecture                                          : 64-bit
OsLanguage                                              : en-GB
OsProductSuites                                         : {TerminalServicesSingleSession}
OsOtherTypeDescription                                  :
OsPAEEnabled                                            :
OsPortableOperatingSystem                               : False
OsPrimary                                               : True
OsProductType                                           : WorkStation
OsRegisteredUser                                        : XXXXXXXXXXXXXXXXXXXX
OsSerialNumber                                          : 00330-80000-00000-AA844
OsServicePackMajorVersion                               : 0
OsServicePackMinorVersion                               : 0
OsStatus                                                : OK
OsSuites                                                : {TerminalServices,
                                                          TerminalServicesSingleSession}
OsServerLevel                                           :
KeyboardLayout                                          : en-GB
TimeZone                                                : (UTC+00:00) Dublin, Edinburgh, Lisbon,
                                                          London
LogonServer                                             : \\RSSURFACEPRO2
PowerPlatformRole                                       : Slate
HyperVisorPresent                                       : False
HyperVRequirementDataExecutionPreventionAvailable       : True
HyperVRequirementSecondLevelAddressTranslation          : True
HyperVRequirementVirtualizationFirmwareEnabled          : True
HyperVRequirementVMMonitorModeExtensions                : True
DeviceGuardSmartStatus                                  : Off
DeviceGuardRequiredSecurityProperties                   :
DeviceGuardAvailableSecurityProperties                  :
DeviceGuardSecurityServicesConfigured                   :
DeviceGuardSecurityServicesRunning                      :
DeviceGuardCodeIntegrityPolicyEnforcementStatus         :
DeviceGuardUserModeCodeIntegrityPolicyEnforcementStatus :

 

You can use the -Property parameter to restrict output

PS>  Get-ComputerInfo -Property OsArchitecture, OsUptime

OsArchitecture OsUptime
-------------- --------
64-bit         1.05:34:53.9424271

 

Wild cards are allowed so this works and lists all properties starting with OS

Get-ComputerInfo -Property Os*

 

Looking at the output, it seems to be a collection of properties from a number of CIM classes. Might be fun to track down what comes from where one rainy day.
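
One way to do that tracking down, as an added example rather than code from the original post: strip the Bios, Cs and Os prefixes and look for a same-named property on a candidate CIM class. The prefix-to-class map and the Get-ComputerInfoSource function name are assumptions; properties that do not line up are reported as unmatched.

```powershell
# Added example. The prefix-to-class map is an assumption that the function
# below tests; it is not stated on the page.
$candidateClass = @{
    Bios = 'Win32_BIOS'
    Cs   = 'Win32_ComputerSystem'
    Os   = 'Win32_OperatingSystem'
}

function Get-ComputerInfoSource {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [psobject]  $ComputerInfo,
        [Parameter(Mandatory)] [hashtable] $ClassMap
    )

    # Query each candidate class once and keep the first instance.
    $instances = @{}
    foreach ($prefix in $ClassMap.Keys) {
        $instances[$prefix] = Get-CimInstance -ClassName $ClassMap[$prefix] -ErrorAction Stop |
            Select-Object -First 1
    }

    # Case-sensitive match so that only the exact prefixes are split off.
    $pattern = '^(' + ($ClassMap.Keys -join '|') + ')(.+)$'

    foreach ($property in $ComputerInfo.PSObject.Properties) {
        $cimClass = $null
        $cimName  = $null
        if ($property.Name -cmatch $pattern) {
            $prefix    = $Matches[1]
            # Look for a CIM property whose name equals the rest of the name.
            $candidate = $instances[$prefix].CimInstanceProperties[$Matches[2]]
            if ($candidate) {
                $cimClass = $ClassMap[$prefix]
                $cimName  = $candidate.Name
            }
        }
        [pscustomobject]@{
            Property    = $property.Name
            CimClass    = $cimClass
            CimProperty = $cimName
            Matched     = [bool]$cimName
        }
    }
}

$info   = Get-ComputerInfo
$source = Get-ComputerInfoSource -ComputerInfo $info -ClassMap $candidateClass

# Count of properties per matched class, then the names still to be traced.
$source | Group-Object CimClass | Select-Object Count, Name
$source | Where-Object { -not $_.Matched } | Select-Object -ExpandProperty Property
```

A name match only shows where a value could come from; comparing the two values on the same machine is the next check.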

PowerShell 5.1 preview

Windows 10 shipped with PowerShell 5.0 installed. The latest preview builds, and presumably next month's anniversary update, have PowerShell 5.1. Windows 2016 TP5 also ships with PowerShell 5.1.

A PowerShell 5.1 preview is now available for Windows 7, 8.1, 2008 R2, 2012 and 2012 R2

Details from

https://blogs.msdn.microsoft.com/powershell/2016/07/16/announcing-windows-management-framework-wmf-5-1-preview/

LastPass Zero Day Bug … Don’t Panic!

Same advice as on the cover of the “Hitchhiker’s Guide to the Galaxy”!

Not really a “Zero Day” bug. Just a proof of concept. Be sure to apply the patch when they come up with it.

LastPass password manager “zero-day” bug hits the news

Removal instructions for Product Key

What is Product Key?

The Malwarebytes research team has determined that Product Key is a Tech Support Scam. These so-called “Tech Support Scammers” try to trick you into calling their phone number for various reasons, all of which turn out to be fraudulent in the end.
This particular one uses the Winlogon-Shell registry value to lock up the victim’s system.

https://forums.malwarebytes.org/topic/186299-removal-instructions-for-product-key/

How to Restore Default Services in Windows 10

A service is an application type that runs in the system background without a user interface and is similar to a UNIX daemon process. Services provide core operating system features, such as Web serving, event logging, file serving, printing, cryptography, and error reporting.

This tutorial provides you with registry downloads that will completely restore any of the default services and their settings in Windows 10. This can be handy if a service was deleted by mistake, is missing, or had its properties set improperly.


Windows 10 – Countdown clock for WIN7 and WIN8 users

This link shares the exact time in which the free upgrade offer expires for WIN7 or WIN8 users to upgrade to WIN10 free of charge (about 2 days from now)

https://www.microsoft.com/en-us/WindowsForBusiness/buy

 

 

Latest leap second plan poses a dilemma for conscientious sysadmins

Bet you didn’t know that every year or so, an extra “leap second” is added to UTC time… Me neither…  🙂

Latest leap second plan poses a dilemma for conscientious sysadmins

The Sundown exploit kit delivers a Zeus Panda variant that targets UK banks

Spybot Search & Destroy Weekly Update – July 27, 2016

2016-07-27
Adware
++ Ad.Clicky ++ Ad.DiVapton ++ Ad.Fralimbo ++ Ad.IESuper + Ad.QvodPlayer + Firseria + Install.DomaIQ
Keylogger
+ Win32.ActiveKeyLogger
PUPS
+ PU.MultiInst
Spyware
+ Marketscore.RelevantKnowledge
Total: 2620542 fingerprints in 831680 rules for 7684 products.

»www.safer-networking.org ··· updates/

SQL Server 2016 Cumulative Update 1

Microsoft has released the Cumulative Update 1 for SQL Server 2016 (RTM):

The following picture shows you the areas where bugs are fixed:

[Image: SQL Server 2016 CU1]

Enjoy!

Removal instructions for VMC Media Player TSS

What is VMC Media Player TSS?

The Malwarebytes research team has determined that VMC Media Player TSS is a Tech Support Scam. These so-called “Tech Support Scammers” try to trick you into calling their phone number for various reasons, all of which turn out to be fraudulent in the end.
This particular one uses the Winlogon-Shell registry value to lock up the victim’s system.

https://forums.malwarebytes.org/topic/186250-removal-instructions-for-vmc-media-player-tss/

Microsoft Security Bulletin Minor Revisions Issued: July 26, 2016

Summary

The following bulletins and/or bulletin summaries have undergone a
minor revision increment.

Please see the appropriate bulletin for more details.

* MS16-058

Bulletin Information:

MS16-058

– Title: Security Update for Windows IIS (3141083)
– »technet.microsoft.com/li ··· 058.aspx
– Reason for Revision: V1.1 (July 26, 2016): Bulletin revised to
add Updates Replaced information to all entries in the Affected
Software table. This is an informational change only. Customers
who have already successfully installed the updates do not need
to take any action.
– Originally posted: May 10, 2016
– Updated: July 26, 2016
– Bulletin Severity Rating: Important
– Version: 1.1

Microsoft® Windows Insider MVP
Microsoft® Consumer Security MVP, 2004 – 2016
DP’s Security Bits
