Wednesday, March 2, 2016

Windows 10 and WindowsUpdate.log

The WindowsUpdate.log file is still present within Windows 10, but no data is contained within it.


To view dates and times of update traffic, launch an elevated PowerShell session and use the cmdlet Get-WindowsUpdateLog.


A .log file should be created on the desktop of the account being used.



To “clean up” the output, use the following command:

(Get-Content "WindowsUpdate.log") -notmatch "1600/12/31" | Out-File -Encoding ASCII "WindowsUpdateCleaned.log"



Additional details on this topic may be found at

Rootcheck and Lynis

Rootcheck and Lynis are applications designed to check the security configuration of a Unix-based operating system.

How to disable ads on the Windows 10 lock screen

Access Settings –> Personalization –> Lock Screen tab.  Change the background parameter from “Windows Spotlight” to another value such as “Picture.”  Disable the option “Get fun facts, tips, tricks, and more on your lock screen”.



LPAR2RRD collects performance data and generates actual, historical and future trends utilization graphs of your virtual environment.

It is agentless (it receives everything from the management stations like vCenter or HMC).
The product supports IBM Power Systems and VMware virtualization platforms.
Collected data set can be extended about data provided by the OS Agents or NMON files.

Group Policy Analysis Tool

Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs). It can highlight when a set of Group Policies has redundant settings or internal inconsistencies, and can highlight the differences between versions or sets of Group Policies. It can also compare GPOs against current local policy settings and against local registry settings. And you can export its findings to a Microsoft Excel spreadsheet.

Local Group Policy Object Utility

LGPO.exe is a new command-line utility to automate the management of local group policy. It replaces the no-longer-maintained LocalGPO tool that shipped with the Security Compliance Manager (SCM), and the Apply_LGPO_Delta and ImportRegPol tools.


  • Import settings into local group policy from GPO backups or from individual policy component files, including Registry Policy (registry.pol), security templates, and advanced auditing CSV files.
  • Export local policy to a GPO backup.
  • Parse a Registry Policy (registry.pol) file to readable "LGPO text" directly to the console or redirected to a file which can edited and imported into local policy.
  • Build a new Registry Policy (registry.pol) file from "LGPO text".
  • Enable group policy client side extensions for local policy processing.


UIforETW is an utility for creating Event Tracing for Windows (ETW) data.


The Microsoft Exchange Server User Monitor (ExMon) tool enables administrators to
view and evaluate individual users' usage and experience with Microsoft Exchange
Server. With this tool, administrators can gather real-time data that helps them better
understand current client usage patterns and plan for future use.

Using ExMon, administrators can view the following:
  Show the RPC data based on the user
  Show the RPC data based on the RPC Operation
  Show the RPC data based on the specific application
  Show the RPC data based on the Admin Client Type
  Show the RPC data in the Raw form
  Show the RPC data in the Admin Raw form
  Show the RPC data in the Task by client Type
  Show the RPC data in the Task raw

Within each view, the user can drill down to get additional information on:
  Microsoft Office Outlook® versions and mode
  Client monitoring data
  Resource use, such as:
  CPU usage
  Server-side processor latency
  Network bytes
  RPC Operations, components and Action


Gophish is an open-source phishing framework.