Archive for Windows – Page 8

Windows Update running forever on XP and 2003

There are plenty of reports of both Windows XP and Windows 2003 server systems stalling when running Windows Update (WU/MU). In some cases, the reports say that if you wait several hours, or perhaps overnight, the situation will resolve itself.

The long delay is (apparently) due to an IE detection process.

So, what does one do?

The suggestion is to download and manually install the December 10, 2013 Cumulative Security Update for Internet Explorer (MS13-097 / KB2898785). By installing it manually, you remove that detection from the workstation.


How to fix ANY computer

Yes, any computer – no matter if it’s running Windows, Apple or Linux.

[image from The Oatmeal]

Kudos to Matthew Inman at The Oatmeal for the great insight!

CryptoLocker Round 3?

I first blogged about the Cryptolocker ransomware a little over a month ago. Since then workstations and servers worldwide have been attacked and compromised, even with the best levels of software and hardware protection in place. And this “cyber nemesis” is still on the move, per a new advisory from US-CERT.

In early October I began a review of the computer systems that I manage on a daily basis to ensure that all systems were clean. Later in the month, I began implementing new security policies on those systems to block the attack and spread of the ransomware. These policies were based on documentation provided by Third Tier, a group of my fellow MVP’ers.

But, the party is not over.

Most often, CryptoLocker gets loaded via a fake email claiming to be from a company such as PayPal or FedEx. However, I was just alerted by an I.T. friend to a version of CryptoLocker that showed up as a voice mail attachment!

If I do not manage your systems on a regular basis, and you would like me to review your computer and implement security policies to minimize CryptoLocker attacks, please contact me at kw@kwsupport.com.

Review of ShareMouse Utility

This is my 3rd in a series of personal reviews of various “extend my mouse and keyboard” tools.

My office desk setup includes three 24” monitors connected to my Windows 8 desktop workstation (Dell Optiplex), plus a monitor on my Hyper-V 2012/SBS 2011 server (Dell T410), plus a Windows 8 touch-screen laptop (Lenovo) that I use for testing. And, when necessary, I have a 32” Samsung TV that I can attach using a USB multi-display adapter (Plugable’s Model UGA-2K-A).

So, being able to use one keyboard and mouse is an essential tool and a real time saver for me. (P.S. someday, if I can get the stuff on my desk cleaned up and put away, I’ll take a picture of my setup!)

Mouse Without Borders

In August 2012 I wrote about a product called Mouse Without Borders. I must say, it works very well. The only negative is that it only works with Windows-based computers, so no Linux or Mac OS. They released an updated version in January 2013 that supports Windows 8/Windows 2012.

Synergy

In May 2013 I tested a similar product called Synergy, which does support Windows, Linux and Mac OS computers. I used Synergy from May to August, and for the most part, the product worked fine. One nagging issue I had with Synergy was that whenever I needed to reboot my server or workstation, Synergy did not always sync up properly. The services start up, but I had to keep playing with it, stopping and starting the services, until eventually it was in sync and working. Very frustrating. Finally in August I reverted back to using Mouse Without Borders.

ShareMouse


This week I came across a new product called ShareMouse (from Bartels Media GmbH) and just installed it to give it a spin. So here are some first day impressions.

  • First thing to note is that it is very, very easy to install. After downloading the install file you are 4 clicks away (OK, Next, Next, Finish)
  • It has a very intuitive screen manager to identify the position of my monitors for proper mouse movement.
  • It supports both Windows 8 and Mac OSX 10.9
  • A simple, but very helpful, feature is that it dims inactive monitors, so you always know which computer you are working on
  • They offer a free version for personal use (two computers, two monitors)
  • The paid versions (standard and pro) offer the ability to drag and drop files and folders between computers. They have enhanced the product so that you only need to install the license on one computer in your group.
  • Comparison of their free, standard and pro editions

I will post a follow up on this utility after using it for a few more weeks.

CryptoLocker Protection Utility for Home Users

Read the detailed instructions for installing KW Support’s CryptoLocker Prevention Utility on home computers and on non-domain-joined business computers.


Creating the SBS MyBusiness OU

The SBS products (SBS 2003/2008/2011) all included a pre-installed set of Group Policy OU’s called MyBusiness. Organizational Units (OU’s) are used to organize users and computers (workstations and servers) in order to manage and apply specific rules and policies.

However, the Essentials products (SBS 2011 Essentials, Windows 2012 Essentials) do not include the MyBusiness OU. So, if you wish to keep consistency between the SBS and Essentials platforms, you will need to create this on your own. One reason for doing this would be to implement the Group Policies related to blocking the CryptoLocker ransomware.

Fortunately, Microsoft did identify the basic steps for creating the MyBusiness OU in KB 2578426; scroll down to Issue 3 / Rule 3 in the KB article for the required steps.

To (re)create the MyBusiness OU manually, follow these steps:

  1. Open Active Directory Users and Computers.
  2. Right-click the domain name object. In the shortcut menu, point to New…, and then click Organizational Unit. Type MyBusiness to name the new object.
    Note: Type MyBusiness as one word.
  3. In the MyBusiness OU that you created in step 2, create the following OUs:
    • Computers
    • Distribution Groups
    • Security Groups
    • Users
  4. In the Computers OU that you created in step 3, create the following OUs:
    • SBSComputers
    • SBSServers
  5. In the Users OU that you created in step 3, create the following OU:
    • SBSUsers

After you have finished these steps, your Group policy structure should look like this:

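  • MyBusiness
    • Computers
      • SBSComputers
      • SBSServers
    • Distribution Groups
    • Security Groups
    • Users
      • SBSUsers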
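The same OU tree can be built from an elevated PowerShell prompt on the server. This is an added example, not taken from KB 2578426 or from the original post; it assumes the ActiveDirectory module is installed, and the helper name New-OuIfMissing is hypothetical. It skips any OU that already exists, so it is safe to re-run.

```powershell
# Added example (not from the KB article): create the MyBusiness OU tree idempotently.
Import-Module ActiveDirectory

$domainDn = (Get-ADDomain).DistinguishedName

# Parent path (relative to the domain root) and the OUs to create beneath it, in order.
$tree = @(
    @{ Parent = '';                            Names = @('MyBusiness') },
    @{ Parent = 'OU=MyBusiness';               Names = @('Computers', 'Distribution Groups', 'Security Groups', 'Users') },
    @{ Parent = 'OU=Computers,OU=MyBusiness';  Names = @('SBSComputers', 'SBSServers') },
    @{ Parent = 'OU=Users,OU=MyBusiness';      Names = @('SBSUsers') }
)

# Hypothetical helper: create one OU unless it is already present under the parent.
function New-OuIfMissing {
    param([string]$Name, [string]$ParentDn)
    $dn = "OU=$Name,$ParentDn"
    # -Filter returns nothing (instead of throwing) when the OU does not exist.
    $existing = Get-ADOrganizationalUnit -Filter "Name -eq '$Name'" `
        -SearchBase $ParentDn -SearchScope OneLevel
    if ($existing) {
        Write-Host "exists : $dn"
    } else {
        New-ADOrganizationalUnit -Name $Name -Path $ParentDn -ProtectedFromAccidentalDeletion $true
        Write-Host "created: $dn"
    }
}

foreach ($level in $tree) {
    $parentDn = if ($level.Parent) { "$($level.Parent),$domainDn" } else { $domainDn }
    foreach ($name in $level.Names) { New-OuIfMissing -Name $name -ParentDn $parentDn }
}

# List the result so it can be compared with the steps above.
Get-ADOrganizationalUnit -Filter * -SearchBase "OU=MyBusiness,$domainDn" |
    Sort-Object DistinguishedName | Select-Object -ExpandProperty DistinguishedName
```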

CryptoLocker Group Policy Exceptions

In recent posts (here) I’ve addressed the process of creating Group Policy rules for securing your workstations from attacks like the CryptoLocker ransomware. These rules will prevent random executable files located in your local Application Data folder (AppData) from running.

The vast majority of programs that you may use should not put .exe files in the AppData folder, but every so often we come across an exception. In my case, I tried running Join.Me this morning and was greeted with this pop up window:

[screenshot of the pop-up window]

The process of adding an exception to the Software Restriction Rules we previously created is very straightforward:

  1. From the server, open up Group Policy Management console
  2. Drill down Your_domain.local –> MyBusiness –> Computers –> SBSComputers

    Modify the XP rule

  3. Right click on the Prevent CryptoLocker XP rule, and click Edit
  4. Drill down Computer Configuration –> Policies –> Windows Settings –> Security Settings –> Software Restriction Policies
  5. Right click on Additional Rules, then click New Path rule… and create a new rule for the exception.
    In my case, my rule looks like this:
    [screenshot of the new path rule]
  6. Click OK

    Modify the Vista and higher rule

  7. Right click on the Prevent CryptoLocker Vista and higher rule, and click Edit
  8. Drill down Computer Configuration –> Policies –> Windows Settings –> Security Settings –> Software Restriction Policies
  9. Right click on Additional Rules, then click New Path rule… and create a new rule for the exception.
    In my case, my rule looks like this:
    [screenshot of the new path rule]
  10. Click OK

You may now wait the appropriate time (somewhere around 90 minutes, I believe) for Group Policy changes to be broadcast to all workstations, or, if you are in a hurry:

  1. From the server, open up an elevated command prompt and run: gpupdate /force
  2. Then from your workstation, open up an elevated command prompt and run: gpupdate /force

You may now test out your application.

Testing your CryptoLocker Group Policy

I posted previously on using Group Policy to establish rules to prevent executable files (.exe) stored in the Windows AppData directory from running, as a way to minimize or prevent the Cryptolocker-type ransomware from infecting your computers.

Someone asked me: “How do I know if the group policy rules are working?”

Good question … easy answer: drop a small executable file into your local AppData directory and try to run it. I like to use notepad.exe for this test.

Here are the steps if doing this from a Vista / Win7 / Win8 workstation:

  1. Open up an elevated command prompt window.
    By default, it should put you into the C:\Windows\System32 folder
  2. Enter the following commands, pressing Enter after each:
    copy notepad.exe %localappdata% 
    cd %localappdata%
    notepad.exe
  3. If you receive an error message: “This program is blocked by group policy.” – then your group policy rules are working.
    Congratulations!
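The same test can be scripted so that it cleans up after itself and distinguishes a policy block from any other launch failure. This is an added example, not part of the original post; the function name Test-AppDataExecutionBlocked and the probe file name are hypothetical, and it relies on Windows reporting Win32 error 1260 (ERROR_ACCESS_DISABLED_BY_POLICY) when a launch is refused by policy.

```powershell
# Added example: scripted version of the notepad.exe test (Vista / Win7 / Win8).
# Win32 error code behind the message "This program is blocked by group policy."
$ERROR_ACCESS_DISABLED_BY_POLICY = 1260

function Test-AppDataExecutionBlocked {
    param([string]$Folder = $env:LOCALAPPDATA)

    # Unique probe name so an existing file in the folder is never overwritten.
    $probe = Join-Path $Folder ("srp-probe-{0}.exe" -f [guid]::NewGuid().ToString('N'))
    Copy-Item (Join-Path $env:SystemRoot 'System32\notepad.exe') $probe -ErrorAction Stop
    try {
        $psi = New-Object System.Diagnostics.ProcessStartInfo $probe
        $psi.UseShellExecute = $false      # launch directly so the Win32 error code surfaces
        $proc = [System.Diagnostics.Process]::Start($psi)
        # The copy started, so the rule is NOT being enforced for this folder.
        Stop-Process -Id $proc.Id -Force -ErrorAction SilentlyContinue
        $proc.WaitForExit()
        return $false
    } catch {
        $inner = $_.Exception.GetBaseException()
        if ($inner -is [System.ComponentModel.Win32Exception] -and
            $inner.NativeErrorCode -eq $ERROR_ACCESS_DISABLED_BY_POLICY) {
            return $true                   # refused by policy: the rule works
        }
        throw                              # any other failure is not evidence of a block
    } finally {
        Remove-Item $probe -Force -ErrorAction SilentlyContinue
    }
}

"Blocked in {0}: {1}" -f $env:LOCALAPPDATA, (Test-AppDataExecutionBlocked)
```

Pass `-Folder` with a subfolder of the local AppData directory to exercise the subfolder rule as well.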


Block Executables from AppData folder

The SMB Kitchen team from Third Tier has made available (for free) a CryptoLocker Prevention Kit. It includes a 20-page document with step-by-step instructions on how to lock down your servers and workstations using Group Policy settings to minimize future attacks.

The purpose of this post is to summarize those steps down to a single page. These steps are specific to SBS 2008/2011, but should be applicable to Windows 2008/2012 servers.

GOAL: create Software Restriction Policies within Group Policies to block executables (.exe) from running when they are located in the AppData folder or subfolders therein.

CREATE POLICIES FOR XP

  1. Open up Group Policy and drill down to Domain –> Computers –> SBSComputers
  2. Right click on SBSComputers and select ‘Create a GPO in this domain and link…’
  3. Title this policy Prevent CryptoLocker XP and click OK
  4. Right click on this policy and select Edit
  5. Navigate to Computer Configuration –> Policies –> Windows Settings –> Security Settings –> Software Restriction Policies
  6. Right click on Software Restriction Policies and click on ‘New Software Restriction Policies’
  7. Right click on Additional Rules and click on ‘New Path rule’ and then enter the following information and then click OK
    Path = %AppData%\*.exe
    Security Level = Disallowed
    Description: Don’t allow executables from AppData
  8. Repeat Step 7 for AppData subfolders
    Path = %AppData%\*\*.exe
    Security Level = Disallowed
    Description: Don’t allow executables from AppData subfolders
  9. Close this policy configuration window
  10. From the Prevent CryptoLocker XP policy locate WMI filtering near the bottom of the middle frame and select ‘Windows SBS Client – Windows XP’

CREATE POLICIES FOR VISTA / WIN7 / WIN8

  1. Open up Group Policy and drill down to Domain –> Computers –> SBSComputers
  2. Right click on SBSComputers and select ‘Create a GPO in this domain and link…’
  3. Title this policy Prevent CryptoLocker Vista and higher and click OK
  4. Right click on this policy and select Edit
  5. Navigate to Computer Configuration –> Policies –> Windows Settings –> Security Settings –> Software Restriction Policies
  6. Right click on Software Restriction Policies and click on ‘New Software Restriction Policies’
  7. Right click on Additional Rules and click on ‘New Path rule’ and then enter the following information and then click OK
    Path = %localAppData%\*.exe
    Security Level = Disallowed
    Description: Don’t allow executables from AppData
  8. Repeat Step 7 for AppData subfolders
    Path = %localAppData%\*\*.exe
    Security Level = Disallowed
    Description: Don’t allow executables from AppData subfolders
  9. Close this policy configuration window
  10. From the Prevent CryptoLocker Vista and higher policy locate WMI filtering near the bottom of the middle frame and select ‘Windows SBS Client – Windows Vista’
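Once the policy has reached a workstation, the rules it received can be read back from the registry and compared with the paths entered above. This is an added example, not part of the original post or the Third Tier kit; the function name Get-SrpPathRule is hypothetical, and it assumes the rules were applied through Computer Configuration, so they sit under the machine policy key shown.

```powershell
# Added example: list the Software Restriction Policy path rules applied to this computer.
# Assumption: machine-level policy, stored under the key below (0 = Disallowed, 262144 = Unrestricted).
$base   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$levels = @{ '0' = 'Disallowed'; '262144' = 'Unrestricted' }

function Get-SrpPathRule {
    foreach ($id in $levels.Keys) {
        $pathsKey = "$base\$id\Paths"
        if (-not (Test-Path $pathsKey)) { continue }
        foreach ($rule in Get-ChildItem $pathsKey) {
            New-Object PSObject -Property @{
                Level       = $levels[$id]
                # Read the raw string so %localAppData% is shown as written in the rule.
                Path        = $rule.GetValue('ItemData', $null, 'DoNotExpandEnvironmentNames')
                Description = $rule.GetValue('Description')
            }
        }
    }
}

$rules = @(Get-SrpPathRule)

# The two rules from the Vista / Win7 / Win8 policy above (use %AppData% on XP).
$expected = '%localAppData%\*.exe', '%localAppData%\*\*.exe'
foreach ($path in $expected) {
    $hit = $rules | Where-Object { $_.Level -eq 'Disallowed' -and $_.Path -eq $path }
    if ($hit) { "OK       $path" } else { "MISSING  $path" }
}

# Every Unrestricted path rule is an exception to the block; review that each is still needed.
$rules | Where-Object { $_.Level -eq 'Unrestricted' } | Format-Table Path, Description -AutoSize
```

A newly created Software Restriction Policy already contains Unrestricted path rules for the Windows and Program Files directories, so those appear in the last table alongside any exceptions you added.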

From XP and Vista to Windows 8.1 over the years

My trusty (and crusty) Dell Optiplex 745 has been a great workstation for me over the past seven years.

  • I started with Windows XP on the workstation.
  • Over the 4th of July weekend in 2007 I upgraded my workstation to Vista and wrote about my experience here.
  • Then in October 2009 I did an in-place upgrade of my workstation from Vista to Windows 7, and wrote about it here.
  • So here we are in October 2013, and I finally decided to proceed with a double upgrade this weekend – first to Windows 8, and then Windows 8.1.

Once again my experience was fantastic. Here is a summary of my process:

Pre-Cleanup

I knew I had collected a lot of older 3rd party utilities and apps on this workstation over the years. So, I first took time to review and uninstall those apps that I did not need or use. I recommend doing this before proceeding with the upgrade.

For Quicken, I did a final download of all my accounts and then did a backup of my Quicken database.

I also cleaned out temp files using CCleaner, and reviewed my various Download directories and removed anything I no longer needed.

Backup

Please be sure you have a full system image backup of your workstation before proceeding. That’s just being smart. In my case, I still run Windows Home Server in-house, and fired up a backup of my workstation.

Verify Hardware/Software Compatibility

My only complaint was that it appeared that Microsoft bundled the Upgrade Assistant with the actual setup of Windows 8 – which means that you had to obtain/purchase a copy of Windows 8 prior to determining if your workstation is compatible.

However, with kudos from GHacks.net, I found that Microsoft does indeed have a standalone Windows 8.1 Upgrade Assistant which you can download and run.


I was pleasantly surprised to find that I only had 13 items that I needed to review, and the majority of those were older 3rd party utilities that I really don’t care if they work or not. The only significant app that was flagged that I was concerned with was Quicken, as I was still running Quicken 2011.


Upgrade to Windows 8

I then used my Action Pack subscription to download the Windows 8 Professional iso file, and burned it to a DVD. Running the in-place upgrade took quite a while, but lo and behold, when it finished I was sitting at a Windows 8 login.

Before proceeding with upgrading to Windows 8.1, I thought it would be advisable to check out the workstation – Internet, Office, Quicken, and printing, and everything looked good.

Upgrade to Windows 8.1

I went to the Windows Store app looking for the Upgrade to 8.1, but it wasn’t there. So, I decided to run Windows Update and install all Windows 8 related updates, and then rebooted. After that, the Windows Store app showed the 8.1 Upgrade option.

Final Comments

Jump in and learn Windows 8. Buy yourself a book.

There’s even a free Windows 8.1 eBook from Microsoft Press!