Remove the Fake AnonPop Ransomware (

The Anonpop Fake Ransomware is a malware program discovered by @JAMESWT_MHT that pretends to be a ransomware that encrypts your files and demands a ransom of $125 to decrypt them. In reality, though, this program does not encrypt any of your files and deletes them instead. Thankfully, these scumbags do not securely delete the files and you can use Shadow Volume Copies or programs like Recuva or PhotoRec to recover your files.

Remove the Browser Hijacker (Removal Guide)

The Browser Hijacker is a browser hijacker from the Adware/ShortcutHijacker family that changes the home page of your installed browsers to It does this by modifying the shortcuts for all of your installed browsers, so that if you click on them, they will automatically open the home page.

How to Set PowerShell Script Execution Policy in Windows 10

The PowerShell script execution policy enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer.

This tutorial will show you different ways on how to set the PowerShell script execution policy for the current user or local machine in Windows 10.

Read more…

Retain builds from Release ManageMENT

When releasing with Microsoft Release Manager “vNext” the linked builds don’t automatically get marked as retained forever. If you want to be able to re-deploy released builds you want to ensure the builds are not deleted by retention polices. It’s a good idea to let the release definition take care of this (at some point, perhaps in the release to production stage) and mark the released builds as retained.

Here’s a PowerShell script that gets the builds used in the release and set the “keep forever” flag on the builds:


You can use this from your release definition either by including the script in one of the build artifacts and reference it or using an in-line PowerShell script step:


Note: the script above works with an on-prem TFS (using default credentials), if you want to use it with VSTS you need to include an authentication header instead and pass a personal access token.

$username = “”
$basicAuth = (“{0}:{1}” -f $username,$password)
$basicAuth = [System.Text.Encoding]::UTF8.GetBytes($basicAuth)
$basicAuth = [System.Convert]::ToBase64String($basicAuth)
$headers = @{Authorization=(“Basic {0}” -f $basicAuth)}

Then replace the –UseDefaultCredentials with -headers $headers.

Get the complete script here (rename to .ps1).

PowerShell Summit & Conference videos 2016


If you didn’t get to any of these conferences this year the videos are now available.


PowerShell and DevOps Summit


European PowerShell Conference


You might find this interesting as well.

WinOps conference

Pale Moon updated to 26.3.2 – Windows only!

This is a Windows-only update to fix a number of issues on Windows 8 and 10.
Non-windows operating systems do not need this update!


  • Fixed a rare issue where the browser would not initialize properly (missing bookmarks and menu entries) if certain Windows registry values were missing (Windows 8 only).
  • Fixed an issue on Windows 10 where the classic menu bar/page title would become unreadable (white on white).
  • Portable only: Switched to non-compressed binaries to prevent issues with antivirus packages, to prevent issues with browser run-time operation, and to simplify code signing.
    Note: if you prefer compressed binaries like before, you can compress them yourself with UPX.

Check for dangerous or unsigned Certificates using SigCheck

The EduCrypt Ransomware tries to teach you a Lesson

Microsoft Windows – Reinstall techniques for WIN7, WIN8, or WIN10

This PC World article shares reinstall options for Windows 7, 8, and 10 as noted below:

A full, clean reinstall is different from the Reset your PC option in Windows 10 and 8, or a manufacturer’s recovery partition or disk for Windows 7. Those built-in options will set your PC back to its factory-default state—which could include some vendor-installed junk you never wanted anyway. A clean install uses the generic Windows installation media that you can download from Microsoft, and it’ll have just the OS, no other frills.  Before we begin, back up all of your personal data. While you should back up your data regularly, it is especially important to do so before reinstalling an operating system.

Windows 8: Reset or Refresh Your PC — Windows 8 added ”Refresh your PC” and “Reset your PC” features that attempt to make installing Windows easier. Both of these options actually perform a Windows reinstall in the background, quickly installing a fresh Windows system from the recovery files on your computer’s drive, a Windows installation disc or USB drive.

Windows 10: Reset This PC — On Windows 10, this option is just named Reset this PC. You can reset your PC and keep all your personal files and Windows Store apps, or reset your PC and wipe everything from your disc. Either way, you’ll have to install all your desktop programs again, but that’s the point: You get a fresh Windows desktop system with all your system files in a known-good state.

Windows 7: OEM recovery partition or DVDs — In Windows 7 and previous versions of Windows, it’s up to the PC manufacturer to provide a recovery partition or recovery discs. Most manufacturers don’t include Windows installation discs with their computers. If your computer has a recovery partition, run your manufacturer’s recovery tool to reinstall Windows. On many PCs, you’ll have to press a key during the boot process to access the recovery tool. This key may be displayed on your screen. It should also be printed in your computer’s manual.

Bart Ransomware being Spammed by the same devs behind Locky

Ransomware – BART uses new design without command and control capability

Ransomware continues to be a highly destructive threat to information resources.  Design innovation continues as documented by the SANS Internet Storm Center and Phishme security sites
Phishme is reporting the discovery of a new ransomware which its creators have named Bart. Bart shares several commonalities with the Locky ransomware.  Bart is delivered by the same downloader, RockLoader.  The payment site bares a striking resemblance to the Locky page.
But Bart also deviates from Locky in other ways.  The ransom is much higher, 3 Bitcoins, approximately $2000.  But probably the most striking difference is that unlike most ransomware variants Bart does not require a command and control to facilitate the encryption and in fact looks like it has no command and control capability.  Bart does not utilize the complex public-private key or symmetric encryption methods that have become common in ransomware.  Instead it stores the encrypted files in password protected zip files, and utilizes a victim id and a tor-based payment website to  facilitate decryption.

Toymaster has released Security Mailer V16 #26

Apple critical update for AirPort; browser PaleMoon update 2x; Cisco Security Advisories; Linux updates, Microsoft bulletin revisions, Windows 10 update, fix for Windows 7 slow update scans; important General Security entries

Microsoft section includes details on the Windows 7 slow update scan fix, and Microsoft Pro section is loaded with helpful info

Security Mailer V16 #25

Removal instructions for WindowsLicenseUpdate

What is WindowsLicenseUpdate?

The Malwarebytes research team has determined that WindowsLicenseUpdate is a Tech Support Scam. These so-called “Tech Support Scammers” try to trick you into calling their phone number for various reasons, all of which turn out to be fraudulent in the end.
For more information on this particular type of Windows Shell hijackers please read this blogpost.

How to Rebuild Font Cache in Windows 10

The font cache is a file or set of files used by Windows to manage and display the fonts that are installed on your PC. Sometimes the font cache may become corrupted and cause fonts to not appear properly. To fix the font cache corruption, you will need to delete the old font cache and restart the computer afterwards to rebuild a new font cache.

This tutorial will show you how to rebuild the font cache to repair it in Windows 10.

Read more…

Alexa, Sonos, Smart Things, Harmony, Oh My

So I wasn’t invited to the Logitech Harmony Ultimate Alexa beta and I have some concerns about how Sonos activities are going to be handled with respect to Alexa’s voice recognition.

It isn’t exactly transparent how to add/configure the Harmony->Sonos->Smart Things->Alexa routines to start Playlists or Stations from your Sonos favorites after you’ve done an initial setup. You have to roll up your sleeves and get a little dirty.

When you edit your Sonos favorites in any official Sonos App (add/remove, etc.) the Harmony App/Remote doesn’t necessarily reread the Sonos lists. To get a revised Sonos Favorites list to refresh for Harmony, you need to START a Sonos favorite, hit the star key on the bottom of the app, then scroll and hit REFRESH. Then you can edit that activity and select a new channel or add Activities and specify a Sonos favorite from the refreshed, up to date list.

Below is a screen shot of the first “page” of (scrollable) activities. The naming convention is something I’m working on, and I’ll explain a little further along in this post. Ideally, I should be able to use the same Activity Name across the board, but this turns out to be problematic and confusing.


When you’ve configured and tested your new or edited Activities, next step is to add a Thing to SmartThings. This, too, isn’t intuitive. Select the + on the Things screen on your phone, then Entertainment, Buttons/remotes. Select Logitech. Your already configured Harmony Hub will appear. Select it, watch the spinning cursor as it refreshes and pulls down your revised, increased list of Harmony Activities. Then select additional activities, watch the cursor spin and the app will populate with the revised list of activities.

Smart Things insists on adding [Harmony Remote] to the end of activities imported from Harmony; you’ll need to edit them to at least remove the [Harmony Remote]. To edit, tap the activity to open its page and then the gear wheel to edit the name. Here’s where the name game becomes interesting. I’ll come back to this when I’m done explaining the process to get all of this hooked up to Alexa for voice control.


The final step is to access the Smart Home tab in the Alexa Echo app. If you have the SmartThings skill enabled, you will need to disable it and then enable it so that it can re-read the list of “Things”. Then you’ll need to re-run Discovery (a pop-up should automatically appear to action this). All of your new activities should now show in the Your Devices list. And you’ll need to do this each and every time you edit or add a “Thing”.

There’s a big gotcha to be aware of. You can’t use the Station name/Playlist Name in your Sonos Favorites. You can’t use any Artist name or recognizable Playlist Name because Alexa will ignore the SmartThings skill and play music natively on Echo/Dot.

Here’s how I learned what works and what doesn’t.

I discovered that when I selected an Amazon Playlist named ABBA (or even the Pandora ABBA Station) from Favorites for the channel to play from Sonos on the Harmony Activity named Sonos Music and linked it with SmartThings and enabled Alexa that every single time Alexa played something else named Sonos on the current Sonos speaker (or already grouped speakers). And completely ignored the SmartThings list. When I renamed the “Thing” to My Sonos in SmartThings and removed/re-added the skill in the Alexa App, I had better luck, but only some of the time.

I similarly had problems with a John Denver and a Judy Collins playlist in Favorites. Alexa consistently ignored the SmartThings skill and played music by (whomever) on the Echo or DOT. .

After the above limitations sunk in, I decided to try a task based name, Exercise Workout. I set that up and was able to use ANY Sonos favorite without confusing Alexa. So in SmartThings, I currently have Sonos Colorado for John Denver and Sonos Folk for Judy Collins (these work). I’ll have to come up with better, memorable names that are task based.

So now I’m going to finish the task of renaming activities on the Harmony and in SmartThings to get this Harmony-Sonos-SmartThings-Alexa setup to work 100% of the time. Probably using task based and/or some other convention that Alexa won’t recognize. If you have any ideas, let me know on Twitter @barbbowman.

And I hope that the same situation isn’t true with the coming “native” Alexa support for the Logi Harmony Ultimate.

Too many Windows 10 releases????????

The last couple of days have seen some incredibly stupid headlines but one that caught my eye was someone from the “computer press” whining that there are too many releases of Windows 10.




What part of the Windows Insider Preview program does this person not understand?


You have to sign up to get Windows Insider Previews!


You have a choice of the fast ring (all releases) or the slow ring (fewer releases).


if you don’t want new releases take your self off the program!


Bet we’d get whines that Microsoft wasn’t doing enough releases if they went back to 1 every three or more years.


Complain about technical problems by all means but something you signed up to do!


Needless to say I’ve dropped that feed

How to Hide or Show ALT+TAB Background Windows in Windows 10

When you press ALT+TAB or CTRL+ALT+TAB to switch between open windows in Windows 10, any windows in the background of ALT+TAB will show by default.

This tutorial will show you how to hide or show windows in the background of ALT+TAB for your account in Windows 10.

Read more…

How to Adjust ALT+TAB Desktop Background Dimming Percent in Windows 10

When you press ALT+TAB or CTRL+ALT+TAB to switch between open windows in Windows 10, the desktop background will not be dimmed by default.

This tutorial will show you how to adjust the ALT+TAB desktop background dimming percentage you want for your account in Windows 10.

Read more…

Parallel processing

One of the great features PowerShell brings is the ability to remotely administer your servers. Most people begin remote administration by processing the servers sequentially. Eventually, this process breaks down because you have too many servers and/or the processes you are running against each server are long running.


At this point you have to consider parallel processing.


The UK TechNet blog has recently published my article on the options for parallel processing using various PowerShell techniques

Chrome Releases

The stable channel has been updated to 51.0.2704.106 for Windows, Mac, and Linux.

The Beta channel 52.0.2743.49 (Platform version: 8350.38.0) has been released for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.


Recent Comments