Saturday, December 5, 2009

Fix when jump list items get stuck in Windows 7

Sometimes jump list items will get “stuck” within Windows 7.


To remove these entries, open a Explorer window and enter the following path:



The list displayed will be odd file names.  You can open the files within Notepad to hopefully determine the entry to delete.


Friday, December 4, 2009

FixWin Utility

This utility offers a GUI for several Registry hacks.

Core Configurator

Core Configurator is a piece of software designed to offer some GUI configuration options for a Windows Server Core installation.

How to delete a “protected” file within Windows 7

Certain files within Windows 7 can not be deleted even as using the administrator account.  Launch a command prompt with administrative privileges and use the following commands.

takeown /f C:\folder\file

cacls C:\folder\file /G account:F


Linux distros for children

The links below are for Linux distributions that are intended for children.

Create a system backup within Windows 7

Windows 7 (and Vista) have an option to create a system image backup.  Click on the Start Menu and type “backup” in the search dialog box.  Select the Backup and Restore menu item.


Click on the “Create a system image” option.


It is easier to create a system image using an external USB hard drive.  If you have one connected, select the device under the hard drive drop-down box.  Click on the Next button once a selection has been made.


Once selected, click on the “Start backup” button.


A dialog box should appear displaying progress of the backup.


A dialog box will appear asking if you wish to create a System Repair disc.  You can create one now or later.


Once a decision has been made concerning the System Repair disc, the final dialog box should be displayed.


Trigger services within Windows 7

Windows 7 includes a new type of service called trigger.  A trigger-start service is a regular service that you can configure to run (or stop running) only when certain criteria and conditions that you define are met.  Some conditions would be:

Device arrival or departure

Joining or leaving a domain

Opening or closing a firewall port

Group policy change

To view trigger information, use the sc command with the parameter of qtriggerinfo.


Certain services will not have any triggers present.



Dia is a diagram application that could be considered a replacement for Microsoft’s Visio.

A portable version is also available.

Thursday, December 3, 2009

Create a system repair disc within Windows 7

A System Repair disc can be used to boot a computer to attempt to recover the locally installed operating system.  To create a disc, access the Start Menu and type “system repair” in the search dialog box.


Place a blank DVD disc in your DVD writable drive and click on the “Create disc” button.


As long as the blank disc is found successfully, a progress bar should appear.


A final dialog box should appear asking for you to label the disc that was created.


How to enable the Quick Launch bar in Windows 7

The link below contains the instructions to enable the Quick Launch toolbar within Windows 7.

Visual Subst

This application allows a drive letter to be mapped to a particular path.

Tuesday, December 1, 2009

Old Apps Web Site

This site has older versions of certain popular applications.


UNetbootin allows you to create bootable Live USB drives for a variety of Linux distributions from Windows or Linux, without requiring you to burn a CD.

Friday, November 20, 2009

Fix It option for Windows Update issues

As a follow-up to a previous posting concerning troubleshooting WSUS connectivity, Microsoft has made available a Fix It solution for Windows Update issues.

Some manual steps would include:

a. Stop the Automatic Updates service
b. Rename the software distribution folder (i.e. C:\Windows\SoftwareDistribution).
c. Restart the Automatic Update service
d. Run wuauclt /resetauthorization /detectnow
e. Run wuauclt /reportnow

If a machine does not appear within the WSUS console, a client ID may be the same as another computer.

a. Stop the automatic service
b. Delete the SUSclientID reg key


c. Restart the automatic service 
d. Run wuauclt /resetauthorization /detectnow 
e. Run wuauclt /reportnow

VHD Attach

This is small tool that adds Attach and Detach option to contextual (aka right-click) menu of Virtual disk (vhd) files.

Virtual CloneDrive

Virtual CloneDrive works and behaves just like a physical CD/DVD drive, however it exists only virtually. Image files generated with CloneDVD or CloneCD can be mounted onto a virtual drive from your hard-disk or from a network drive and used in the same manner as inserting them into a normal CD/DVD drive.

Wednesday, November 11, 2009

SS64 Web Site

The SS64 web site is a reference for command line options for several different databases and operating systems.


Webconverger is a Debian-based Linux distribution for web kiosks with the Firefox web browser as the only application.

Saturday, November 7, 2009

SkyDrive Explorer

Skydrive is a free storage area offered via (current space limit is 25 GB).  The normal access method is via a web browser.  But the software below allows access via the local Windows Explorer interface.

Svchost Process Analyzer

This utility offers details concerning the processes running under the generic svchost.exe process.

Prefetch folder within Windows

Windows has a feature called Prefetch.  Prefetch is designed to “cache” certain components over time so popular applications on a system will launch faster in the future.

A folder is present under the SystemRoot folder called Prefetch:


The .pf files are associated with the application in question.  A file should be present under this directory called Layout.ini.  This file includes the full path of the executables that have been processed:


To obtain more information, download and unzip the Windows File Analyzer tool found at:

This utility will display data such as the date of creation and the last access time.


More information concerning the Prefetch folder can be found within the documentation file included with the Windows File Analyzer download.

Speed Test Links

Below are some sites that offer network speed tests.

Tuesday, November 3, 2009

Wallpaper Web Site

This site has wallpaper images with different resolutions.

Nmap Information

Below is some general information concerning the Nmap application found at:

-sL –> list scan

-PS port number –> sends a TCP SYN packet to ports listed

-PA port number –> sends a TCP ACK packet to the ports listed

-PU port number –> sends a UDP packet to the ports listed

-n –> no DNS resolution

-R –> DNS resolution for all hosts

-sP –> ping scan

-PN –> disable ping; treat all hosts as online

-6 –> TCP/IP version 6

-T4 –> more aggressive timing policy to speed up the scan

-sS –> TCP SYN stealth

-sT –> TCP connect

-sU –> UDP

-sI –> TCP idle scan

-p –> port selection

-A –> aggressive tests, including OS and version detection


-v –> verbose

--append output







-oN –> normal report

-oG –> grepable report

-oX –> XML report

-oA –> all three report formats


Sunday, November 1, 2009


Ninite is a web page that allows you to select different applications and create a custom installer.  This allows multiple programs to be installed at one time.

Detecting support for hardware virtualization

Microsoft’s Virtual PC and XP Mode within Windows 7 requires hardware-assisted virtualization.  Microsoft has released a tool found at the link below to test a computer for this component:


Another option to check for this requirement would be to use the Securable application from GRC:


Instructions for downloading portable Firefox

In some situations such as software conflicts and/or  malware, Internet Explorer may not function properly.   As a short-term solution, a portable version of Firefox can be used.   The advantage of a “portable” application is it does not modify any system files or folders on your computer.   These types of programs are designed to run from an USB thumb drive.

The instructions below describe how to download and extract the portable version of Firefox.  If your Internet Explorer version is too unstable to complete these tasks, another computer will need to be used.   The web site to find the portable version of Firefox (and other portable applications) is

In the example below, Microsoft Vista was used, so the screen may appear somewhat different if you are using another operating system such as Windows XP.   But the concepts are the same.   In our example, we will save the .EXE file to our Desktop. But any location will work as long as you can remember the path to the .EXE.

The main download page may appear similar to the screen capture below.



Once the download process has completed, double-click on the .EXE file. Click on the Run button.


Click on the Next button.


Click on the Browse button and select your Desktop folder.  If you wish to use an USB thumb drive, select the path to the device.



You can select another folder path if you wish.   Click on the Install button.

Click on the Finish button once the extraction process has completed.


Once the extraction process has completed, a folder named FirefoxPortable should be present.   At this point, you can copy this folder to an USB thumb or flash drive if you are using another computer.   Under this folder should be an .EXE file named FirefoxPortable.exe.


When the application is first launched, use the default parameter.


To remove the application from your computer or USB thumb drive, simply delete the FirefoxPortable folder.   One disadvantage of Portable Firefox is some common plug-ins such as Adobe Flash is not present by default.   In the example below, simply click on the hyperlink to install Flash.


PacketShaper Information

Below are commands for a PacketShaper device available via the command-line interface.

hostdb info -> Tells you what hosts are active and how much bandwidth they are using

hostdb show -> Tells you the active host and if they are sending TCP/UDP packets

hostdb topusers -> Similar to top talkers/top listeners

links show -> Display the current programmed link speeds with link statistics

net nic -> View network statistics such as packets transmitted and discarded

setup shaping on|off|bypass|passthru|watch -> When shaping is turned on, traffic is classified and measured, and control policies are enforced.  When shaping is off, traffic is classified and measured but not managed

traffic active -> Display the current, maximum, and possible number of sessions for TCP, UDP, and Legacy traffic types

traffic bandwidth -> Display bandwidth utilization for a partition

traffic flow -to -uo -> Display summary information about some or all currently active TCP connections and/or UDP sessions

traffic flow -tup -> Displays the source and destination IP address, port numbers, Inbound and Outbound classes the traffic is hitting, and the PacketWise service name

traffic history find IP ADDRESS -> Is useful for determining the servers that a specified client IP address is transferring data with, or the clients that are retrieving data from a specific server.  It can also be used to determine exactly what type of network applications a specified PC is using

traffic tree -> Provides detailed information about how often classes and their associated policies are accessed by the PacketWise classification process, along with rate information for each class

version verbose -> Display the software version, model, serial number, and memory capacity.  Use the verbose option to list the part number, the inside and outside MAC addresses, installed keys, and installed classification plug-ins.

setup show -> Use the setup show command to see a list of sharable settings that are stored in the configuration file.
class test -> Test a traffic flow against the present classification tree.  class test [ ]

sys limits -> List the Packeteer unit's configuration limits.  For each object (such as classes, partitions, and policies), the sys limits output lists the maximum number of objects allowed, currently used, and remaining.  For example, you can use this command to determine how many more classes you can create on your unit.

host info -sf -n 20 -> This command will display the top 20 hosts with the most connections.

host info -sr -n 20 -> This command displays the top 20 bandwidth users sorted by their usage.

host show ip address -> This command will display data concerning a certain IP address.

traffic history find ip address -> This command displays past activity for a particular IP address.

traffic flow -tupIA ip address -> This command displays current activity for a particular IP address.

net pna -> Display network statistics

traffic flow -tupIxc class -> This command will display all the tcp and udp flows hitting the specified class.

traffic flow -tupIn 100 -> This command displays 100 current flows.

traffic history recent class -> This command displays which users are using an application.

traffic flow -tpc class -> This command will display the current users of a particular class.

host info -sp -n 20 -> This command will display the top 20 hosts that have the most failed flows the last 1 minute.

sys health -> This command will show if a unit is being overloaded.

packetcapture status -> List the current packet capture settings.

packetcapture add class: -> Specify a class for which you want to capture packets.

packetcapture remove class: -> Remove an existing filter for a class.

packetcapture on -> Enable packet capture.

packetcapture off -> Disable packet capture.

Friday, October 23, 2009

Video Links

Most everyone has heard of or used YouTube, but the sites below offer video content as well.

Windows 7 USB/DVD Download Tool

Microsoft has released an utility to accept an .ISO image and create a USB drive that can be used to install Windows 7.



Wednesday, October 21, 2009

Common Registry Path under 64-bit Windows

A common Registry path for items to load automatically in Windows is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.  Under a 64-bit version of Windows, this path may be different with 32-bit applications.



Tuesday, October 20, 2009

PaperCut Print Logger

PaperCut Print Logger is a free print logging application for Windows systems designed to provide real-time activity logs detailing all printer use.

Thursday, October 15, 2009

Windows 7 Resource Kit PowerShell PowerPack

Windows PowerShell Pack contains 10 modules to help supercharge your Windows PowerShell scripting.  The PowerShellPack lets you write user interfaces in PowerShell script, manage RSS feeds, schedule operating system tasks, etc.  The PowerShell Pack contains over 800 scripts in 10 different modules.

Saturday, October 10, 2009

WSUS Troubleshooting

The information below is concerning the Windows Update process and a WSUS service on the backend.  To manually start the process to have a Windows client to check for new updates, run this command at the command prompt:

 wuauclt.exe /detectnow

If new updates to not appear to be downloaded, open the following file and check for errors.


One procedure to use if updates are not “flowing” is to stop the automatic updates service, delete the %SystemRoot%\softwaredistribution folder, start automatic updates service, run wuauclt.exe /detectnow and wait about 10 minutes.

Another procedure would be to at a command prompt run:

regsvr32 /u wuaueng.dll

Delete the folder %SystemRoot%\softwaredistibution

Delete %SystemRoot%\windowsupdate.log

At a command prompt run:

 regsvr32 wuaueng.dll

At a command prompt run:

 net start wuauserv

At a command prompt run:

wuauclt.exe /resetauthorization /detectnow

Another possibility is to download an updated client.  Details can be found at:

When updating the local client, the following command line parameter may be used to force the installation:

WindowsUpdateAgent30-x86.exe /wuforce

The SUSID is how WSUS identifies each and every system in it's environment.  The path within the Registry for this information is:



If a computer is being cloned, the key above may need to be deleted so the new machines are displayed as separate items within the WSUS console.

Friday, October 9, 2009


This site has a list of security-based videos.

Thursday, October 8, 2009

Google Tips and Tricks

By default, Google will search the entire current index.  For example, if I enter the text “word” within Google, I received numerous entries from different sources:


But what if I wished to search for Word within Microsoft’s web site?  I could use the “site:” parameter.  I enter the web site I wish to limit my search to after the text of “site:” then the text I wish to search for.  Notice all of the results below are to compared to the results above.


The search results can also be limited to a particular domain type, such as .EDU.


If I am looking for a particular file type, I can use the “filetype:” parameter.  Below is a search of Microsoft’s site for .DOC files:


If you wish to search for a string of text, enclose the entire string within quotes.


Google can be used as a dictionary using the “define:” parameter.


Google can also offer the current time of any location by typing time followed by the site:


The same trick can be used for weather:


Google can also be used as a calculator.


The “related:” parameter allows a search for other web sites with similar topics or content.


If you are curious who has hyperlinks to a site, the “link:” parameter can be used.


If a web site is off-line for some reason, the “cache:” parameter plus the normal web site address can allow access to a version that Google has kept.


Additional Links: