TheSuperAdmins #005: Plenty of time!

TheSuperAdmins return with an issue which goes through the minds of many admins... A fair question...

See all comics:
TheSuperAdmins page

When does the Windows calendar end?

In previous Windows versions the calendar often ended at the at of the current century, but recently I noticed a different pattern...

Right, in previous Windows versions the  31/12/2099 was the last date in the calendar. But not only for Windows, also for older Sony PlayStation or Nintendo consoles. Check out this Wikipedia article for that.

In Windows 10 you see something different: If you scroll through the calendar you can always go until exactly 100 years in the future. But if you want to change the system time entirely the final date looks different:

Last date is the 31/12/2047. And I'm still talking about a 64 bit Windows version here. Speaking about 32 bit, there was another limit: 19th January 2038. Read more here: The year 2038 problem.

In short: The counter for 32 bit integer system runs out at this very date. It can cause issues in databases and file system. It needs to be changed to a format using 64 bit, which is going to have a time span for almost 300 billion years. But all that could run into an issue for software being programmed in 32 bit, even though all OS and CPU would support 64 bit by then.

At some point the issue is going to be addressed and solved...

To sum up 64 bit system allowed a wider range in future OS versions. There won't be an end - there's always a solution...

No more audio in taskbar?!

What to do if there's no more volume icon in the taskbar when you see that it's greyed out in the system notifications list?

In my recent case the following solution worked:

• stop the service 'Windows Audio'
• kill explorer.exe
• reopen explorer.exe 

And then the volume icon reappeared on the taskbar again.

I read other cases where reapplying the group polices through

gpupdate /force

within a domain controller based environment also helped to solve the issue. So anyway, there's at least one way...

Files on USB drive damaged through BitLocker

I recently got a case that a user put in a USB drive while starting the BitLocker of the hard encryption...
and put it out while the encryption was running and caused in interesting scenario...

Some folders were untouched, but other folders turned into files without appendix. BitLocker created now recovery key for these folders as I checked.

I gave it one attempt with TestDisk to recover these files, interestingly, the drive was splitted in three partitions - the user had only time for checking one - but as a result several chk files were visible. But looking at the file sizes it did not seemed like the files I was looking for.

Following that I found a tool called deCHK to convert these chk files into the correct files they were supposed to be. However the tool only find 2 txt files - not worth to mention.

The user gave up further attempts, but out of curiosity: Would it have been possible to recover such files? Or rather difficult? An extra BitLocker recovery tool needed? 

In case of certain experiences with similar cases, just let me know how your cases turned out. Would be interesting to know.

How to solve Internet Explorer issues - Basic Troubleshooting

Having problems with running webpages and other web applications running with Internet Explorer? Here´s a basic troubleshooting which IT supporters could face on a daily level - depending on the position of course...

Doing 1st-Level IT tasks sometimes feels like running in a circle and doing the same things over and over again. One of these tickets can be solved by are clearing the Internet Explorer´s temporary data... Here´s how:

1. Clearing the browser cache
Close the browser, go to Internet options, General and "Delete"

Select all the checkboxes (except the first one doesn´t really matter) and confirm with "Delete".

2. Remove the SSL state
Select another tab, this time "Content" and select "Remove SSL state".

3. Clear credentials
For that step, go to in Control Panel to the Credential Manager and remove all entries.

Once that´s done you can try to open the Internet Explorer again. If there´s still a problem with the website which only involves your browser I would recommend to do an Internet Explorer reset (in Internet Options => Advanced Options).

And the other solution is: Just use Google Chrome ;)

5 Reasons you shouldn't go back to Windows 7

Windows 7 is still enjoying a market share of almost 50 percent despite there was the opportunity to do a free upgrade to Windows 10. Here are a few features I miss when I'm using a Windows 7 computer again...

You get so used to the new Windows 10 features and when you start working elsewhere your operating system may still Windows 7. So you can't use certain features you were used to - not to mention that some were already introduced in Windows 8...

1: Screenshots by one key combination

In Windows 10 you can now make screenshots very easily just by using an easy key combination. You press Windows + Print and your screenshot will be saved in your user directory in the folder 'Pictures/Screenshots'. It's quite useful making several screenshots after another.

2: Virtual Drives included!

Remember software like Daemon Tools or Virtual Clone Drive? These were quite useful tools if you wanted to avoid burning an ISO image in order to use it on Windows 7 or earlier versions. In Windows 10 you don't need to install any extra tools. You just need to select on ISO file, right-click and select 'Mount'. That's it. A virtual drive will be added with your CD/DVD image. Way easier, all included. You'll noticed if you get back using Windows 7.


3: Control+V in CMD!
After so many years it's finally possible to use Ctrl+V in the command line. Pasting lines into the black box is now way easier. Going back to Windows 7 or other older Windows version you had to right-click, selecting 'Paste' to paste your clipboard. Now that's just better and faster.

4: Lots of language packs!
Changing the languages of your operating system had never been easier. You can change your Windows 10 easier to any language - even to small ones like Luxembourgish. Just go to Control Panel, 'Language', select the 'idiomas' you want, download them. After that you can easily switch to one of your downloaded languages. You only need to log off and log on again. Back in Windows 7 it was more difficult or even limited to certain version like Enterprise or Ultimate. And the amounts of possible languages are increasing. I remember working in certain companies a language change back in Windows 7 was applied by reinstalling the whole computer... But nowadays with Windows 10, no issue. Just switching to Japanese. As easy as with Android.

5: File Explorer Ribbon Bar

The Ribbon bar was first introduced as a the new view of Office 2007 applications. Some other applications within Windows 7 followed and since Windows 8 it´s also in the Windows Explorer - so jumping from 7 to 10, you will notice and you don´t wanna go back! Also having a graphical view on how fast a file transfer goes makes the new included file manager even better. Not only looks all better.


Anyway...
There are of course many more features in Windows 10 in comparison to Windows 7, but that´s just to name a few which I found were ones people would notice quite quickly. Also easy to get used to that. These examples show that you should not go back to Windows 7, although it´s still a great operating system.

Feel free to comment on if you agree or would have named other examples for reasons not to go back the OS from 2009.

How to activate Microsoft Office via command line

I recently had a situation where the 2013 Office Suite was unable to be activated. But then I found a great solution...

It was within a bigger environment where a KMS server is active. Usually the activation should run just by plugging your computer into the network for having a connection with the domain. But there was one case where it didn't work once the user was in the company for a few hours.

The user was even working remotely via VPN. But I remember that there was a command to manually force your Office activation through a command. Was a long time ago and I had to look it up. It's this one (run as admin):

cscript "C:\Program Files (x86)\Microsoft Office\Office15\OSPP.VBS" /act

Just make sure that you select the correct path, because it's depending on your Office version and operating system. It's also working with Office14 (version 2010), but not with Office 2007 (Office12).

After you executed this vbs script the confirmation that Office was activated appeared pretty quickly after that. Just make sure you are executing this Visual Basic Script while every program of the Office Suite is closed. Is better for the success of the process.

In my case it was quite efficient and it avoided that the user had to return to the office again and could return working from remote.

MATSHITA BD-RE UJ-225S ATA DEVICE and Windows 10 - a bad combination!

You upgraded to Windows 10 and your DVD/Bluray drive is gone? It can become difficult or even impossible...

In my case it's about the Matshita Bluray drive called 'UJ 225S' in a Medion Akoya P8610. Initially sold with Windows Vista was the system later upgraded to Windows 7. So it's already a few years old. 

Last year there was the possibility to upgrade to Windows 10 for free. The owner of that laptop did it, but he later noticed that his Bluray drive wasn't available anymore. Interestingly in the BIOS it's still there and you can even boot from it. Using a current live Linux distribution to boot you can still see in the device overview.

So what can you do from here? 
A helpful solution which I've seen quite often and it apparently solved the issue in many cases is the following:
1) Go to regedit and select the following path:

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/atapi /

2) Create a new key named 'Controller0'

3) Create a new DWORD in Controller0 called EnumDevice1

4) Change the value of EnumDevice1 to 1

5) Restart your computer and your DVD/Bluray device should be back... 

BUT IT DIDN'T WORKED!

I found other suggestions to update the BIOS to version M1.04, but the BIOS was already running with the version M1.08. So that wouldn't make real sense...

ANOTHER IDEA: CHIPSET DRIVER

Maybe it's an idea to update the chipset driver? But there are no official Windows 10 chipset drivers available. You 'just' find the ones for Windows 7. And if you try them with your Windows 10 Medion Akoya laptop... you'll end up having a bluescreen.

Better use system recovery and go back to a date before you tried that. 

CONCLUSION

Basically it's something you end up nowhere. Either go back to Windows 7, use a Linux, use an external drive or maybe even change your optical drive completely. Too bad it's too old and not working with Windows 10, physically it's still very good.

Project Acer Aspire 5742g - First can't boot, then no AntiVirus

Someone brought me a laptop recently which wasn't able to boot anymore. The issue was solved easily, but after rebooting there was more...

It's all about an Acer Aspire 5742g, around five years old. The computer stops at the BIOS boot screen with the option 'Press <F2> to enter Setup'. Windows didn't boot anymore - at every attempt.

But you could still enter the BIOS and change settings without any freezing or anything. So I took a Live-Windows and booted it from the DVD drive - and it worked. I tested some HDD tools and it was all fine, I also had access to the data, no problem. But it still couldn't boot at all.

Then I opened the laptop and removed the hard disk from its cables to take it out for a few minutes. Couldn't see anything unusual and returned the hard disk back into the laptop. I turned the laptop on again and it suddenly worked, Windows 7 was able to boot.

After a few more starts the issue didn't occur again (even weeks later no problem), but I found out that the anti-virus software wasn't running anymore. And for how long? The owner didn't know. The laptop was also filled with lots of software the user wasn't aware about.

A virus scan with Malwarebytes AntiMalware showed more than 300 infections and we agreed to save the data and reinstall the machine. Better save than sorry.

Poll: Your thoughts on the free Windows 10 upgrade

Before the offer for a free upgrade to Windows 10 ended on 28th July 2016 I asked in a poll what people are thinking about. Here's the result:

Windows 10 is free to upgrade until next July - your thoughts?

I already use Windows 10 25% I will upgrade to Windows 10 until then 0% I won't upgrade, will still use Windows 8(.1) 0% I won't upgrade, will still use Windows 7 50% I can't upgrade, I will still use Windows Vista 0% I can't upgrade, I will still use Windows XP 0% I don't care. I don't use Windows 25%

It could have been a better result with more votes, but it still gives the impression that there were people not willing to use the free upgrade. Windows 7 is still a stable system and still ok for a usual user? Why changing a running system.

That's why we still have a 47% market share of Windows 7 systems. At least Windows 10 could jump to 21% in July - most likely due to the free upgrade possibilty...

Enabling DVD boot for Lenovo G70-35

No matter how often you try to press F2, F6, F8, F12 or anything: If you have a pre-installed Windows 10 you need to change some settings in the BIOS/UEFI in order to be able to boot from your DVD.

First, you need to get into the BIOS/UEFI menu to change the boot order by pressing Fn+F2. As you directly notice you can't even see the DVD drive.

In the following you should select 'Boot Mode' and chose 'Legacy Support' instead of 'UEFI'.

And in 'Boot Priority' you should also change from 'UEFI First' to 'Legacy First'.


Go to 'Exit Saving Changes' and open the BIOS again. Now you can see a bit more and also the DVD drive like you were used to in the older days.

Finally you should put the DVD in the first position ahead of the HDD. Save the changes and your inserted DVD will boot.

You'll be able now to install Windows 7, 8, 10 or anything from your DVD drive.

Another step forward: WhatsApp for Windows

Today WhatsApp finally released its desktop version. It's a step forward following the WhatsApp Web version - but is it really better?

Actually it looks more or less the same as the web version. The connection between the computer and the phone also works via scanning a QR code on the screen with your phone.

So still no connection via email address or another user ID possible. A solution like in LINE I'd prefer more. But maybe they'll think about it in the future.

The Windows version is recommended to work with Windows 8 or higher, but some users also mentioned that it's also usable with Windows 7. In the same step there was also a Mac OS version released.

The only difference to the web version is that the desktop app has it's own window and that you can see the amount of new messages with a white number in a red circle at the WhatsApp icon in the taskbar.

I hope they use this desktop version to create better chat backups in coming updates. A HTML export shouldn't be such a big deal. And other messengers have it - so hopefully it's going to come.

Anyway, I see the introduction of a desktop version a step in the right direction which they will hopefully use to build on.

Classic Moorhuhn and Windows 10

The classic Moorhuhn game from 1999 - or in other countries known as 'Crazy Chicken' got its problems to be used with Windows 7 and 8. But as I now found out: It works with Windows 10.

The game which was first only be planned as a Johnnie Walker promotion game was quite popular during the time around the the turn of the millennium.

It was named 'Die Original Moorhuhn Jagd', 'Die virtuelle Moorhuhnjagd' or just 'Moorhuhn 1', because after the success many new games were produced.

I remember with Windows 7 the game only started with 16 colors which wasn't helpful. With using the compatibility mode there where ways to run it - like with using it in window mode. Others just played the 'Moorhuhn Remake' from 2005.

And with Windows 8 there was a similar situation as far as I know - maybe somebody can confirm that.

But with Windows 10 the exe file 'Moorhuhn.exe' could be started without any additional settings. The classic game from 1999 is really working on Microsofts latest operating system.

And now I was able to see my old high scores again and had my problems to even reach 850 points. Anyway. What's your high score?

About the game: The goal of the game is to get as many points as possible by shooting at chicken with different distances. Close chickens 5 points, far away and small chickens 25 points and 10 points for those with a medium distance. Sometimes a chicken appears just in front of you which will also bring 25 more points.

Forcing the upgrade to Windows 10

Since its start of distribution last summer Windows 10 has been deployed on a lot of former Windows 7 oder 8 computers. At the beginning you could wait for a while to get your upgrade - by now it usually doesn't take too long for an invitation to upgrade. And if not, you can force it with a tool...

In the case of a newly-installed Windows 7 with missing updates you usually have to wait for a while to get the direct opportunity to upgrade to the latest Microsoft operating system.

The folder on drive C:\

Following this link you'll find a Microsoft tool (GetWindows10-Web_Default_Attr.exe) with which you can start the upgrade. It goes through a few steps: Of course first the download itself. While the process on the C:\ drive three new folders are created (as seen on the right).

It's important to keep this download running - what also means having a proper internet connection. Once this download is aborted for some reason you can't continue it with this tool.  

You get the message, that you need another restart to make this tool work again, which will appear every time you try. You need to delete these new folders on the C:\ which is in the easiest way only possible by starting your computer with a Live OS on a CD/DVD. 

Else, the biggest file within this folders can't be deleted because it's in use. Maybe Safe Mode is another way, you just have to get rid of these folders. Once that's done, you can continue by starting the tool again.

After the download follow some checking routines and you have to accept the license agreement before a search for updates starts.

Following that the usual Windows 10 installation procedure continues.

And that's it.

A call from Microsoft 'to fix the issue'

Sometimes you hear stories about scammer pretending to work for Microsoft which are trying to get access to a private computer. Their victims are gullible people which called directly at home. Lately I got to see a Windows 7 system where such a 'helpdesk guy' had access...

It all starts with a phone call where these guys say they're from Microsoft and on the computer is an issue to be fixed. 

Interestingly, they're are even calling people in Germany only speaking English and just a bit of German.

In case there were comprehension problem they used internet translation tools to move forward and they always said when this procedure costs something, they will say it (as seen later...).

Getting access

To show the people that they're trustworthy they mention a combination of numbers and later show them the exact same digits somewhere on the computer. I don't know which numbers, but obviously a combination which is on all Windows machines the same.

For getting the access they're letting their victims go to https://showmypc.com to download a remote support tool. This tool apparently includes a service and a version of Tight VNC.

Additionally they are using the tool "LogMeIn Rescue" (https://secure.logmein.com) for file transfer. Then they're copying a txt file to the desktop with following three lines to 'prove' they're real:

My Name = Christopher winter
My Employee ID = MS98646
Our Email Address = support@microsoft.com

The 'cleaning'

During this remote session the tool ATF cleaner was copied to the computer. According to the website (www.atribune.org) this software is from 2006 - so for Windows 2000 and Windows XP. There are extra notes added for the support of Windows Vista. 

The tool is just able to delete cache from Firefox and Opera. Concerning its age the only reason for using this exe must be to distract from something. Maybe from the batch file which was copied and executed shortly afterwards - name: CLEANER.bat.

Correct me, if I'm wrong, but its purpose is to get admin access and delete the event logs.

@echo off
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
IF (%adminTest%)==(Access) goto noAdmin
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo.
echo Event Logs have been cleared! ^<press any key^>
goto theEnd
:do_clear
echo clearing %1
wevtutil.exe cl %1
goto :eof
:noAdmin
echo You must run this script as an Administrator!
echo ^<press any key^>
:theEnd
pause>NUL

By that time the fake support guy said that he wants to install a special cleaning software for something around 90 euros. He couldn't send an email or other information material. It was about just installing it now or not. After that the user of the computer ended the call.

The CLEANER.bat wasn't deleted properly, because I found it in the Recycle Bin. But the eventlog was starting from new...

Further traces

In 'Run' (Windows+R) I found the following commands which were last used: 

iexplorer support.me (leads to https://secure.logmeinrescue.com/Customer/Code.aspx)

services.msc

eventvwr

certmgr.msc

prefetch

winver

msconfig

Looking for further hints for what has been done, I saw two suspicious files where the changing time was exactly during the end of the time when the support had access. In the root folder of the second hard drive is a pwdx.exe and an autorun.inf which should open the exe-file (see below).

;wnylejSrKiV rQxf eiYqRlldTudXghdrnqmBjyIgAeaGLphfkBfnuegSkajgEnux
;
open= pwdx.exe
;
sHeLL\exPLOre\COmmanD = pwdx.exe
;fLeR
shell\OpeN\cOmmAND=pwdx.exe
;
sHElL\AutOpLay\cOmmand =pwdx.exe
[AutoRun]
;
shell\opEN\DeFaULt=1

About the pwdx.exe I'm not sure what that exactly is. I only found the information that it's a maybe a Linux-based monitoring tool. Please comment, if you know more.

Anyway, the computer was filled with these virus warning windows as seen on the right. And there was also a warning message from the internet service provider the next day.

During the time the session was running, anything could have been done. These are just the few things I've found in a short amount of time.

After this event the computer wasn't connected to the internet anymore. A reinstallation was more than necessary...

Note: If anybody knows more about these fake helpdesk people or has his oder her experiences about it, feel free to comment. 

Windows Updates not working after malware cleanup

A Windows 7 computer was infected with some viruses, malware etc. and after a successful cleaning procedure there remained one visible problem: Windows Update is not working anymore.

While trying to search for further updates the following message appeared:

Windows Update cannot currently check for updates because the service is not running.

But the service is definitely running. To fix this the following steps need to be done:

1. Open services.msc (or go to computer management) to stop the Windows Update service.

2. Go to C:\Windows and rename the folder "SoftwareDistribution" to something like "SoftwareDistribution_old".

3. Restart the Windows Update service and restart the computer. The folder will be recreated.

4. Go to Windows Update again and search for updates. This time you're offered to install "New Windows Update software". Confirm it.

5. Following that the search for updates seems endless only to end up with error messages like these two: 0x80072EE2 or 0x8007000E. It won't continue.

And there they are...

6. So now go to Internet Explorer to the options and reset the settings and cache completely. Restart your computer and all of a sudden the updates will appear.

Anyway: After such virus problems there can be several other things damaged in the operating system. The safest and most recommended way would be to save the data and reinstall the OS. This is just a quick fix to get Windows Update working again.

WiFi connection problems with TP Link TL-WN823N

After the first time using the TP Link wifi stick WN823N it worked for a whole evening. But the next day a WiFi connection was suddenly no longer possible...

After a few tests with different USB ports and another reboot failed to solve this issue I thought:

'The last reinstallation of this Windows 7 PC was at the beginning of last year and I already should have done it weeks ago. So let's do this first and the problem might be solved in the same step.'

Interestingly, I was right, but only for like thirty seconds. The same issue occured once again and didn't disappear. Maybe I should explain more detailed what happened:

The WiFi signal was always perfect as it should be. But every connection attempt failed - it didn't make a difference when I used the TP Link configuration tool.

But the WiFi stick was still fine as I tested with an Windows 8.1 laptop. So I installed an extra USB port on the mainboard and the issue still remained. The firmware hasn't been updated for a longer time - so that's not it...

Finally I decided to change the WiFi encryption on the router from WPA with TKIP (which I used for testing reasons) to WPA2 with CCMP.

And then all of the sudden: Issue solved! I deleted the old WiFi settings in Windows, reconnect with the WiFi, typed in the PSK and it was working.

But that was only for a day and it happened again. After checking the event log it couldn't have been much simpler: Several hard disk failures! 

So I installed Windows on another hard disk again and these problems didn't occur another time.

Picasa and drive B

To be able to search through drive B in Picasa 3.9 doesn't seem like a frequently occuring issue, but if it's a problem, there's still a solution without changing the letter of the drive.

In Picasa 3.9 you are not able to scan a drive within the letter B. Some say it has been possible in previous versions - I can't tell... Anyway..

Select Drive Letter and Paths (German screenshot)

The solution is the following:
1) Open computer management
2) Select disk management
3) Right-click at the drive B and chose Change Drive Letter and Paths
4) Click 'Add' to select a temporary folder which will be redirected to drive B
5) Confirm the selection with 'OK'

So now you just have to open Picasa, select Tools, then Folder Manager. Now you can open drive B in Picasa and select the subfolders you want.

The redirection of drive B in Picasa

Note: Many years ago the drives A and B were reserved for floppy drives. Even in Windows XP you were (with the regular way...) unable to mount another drive with the letter A or B. Since Windows 7 (and I guess probably also in Vista) the letters A and B were free to use for any other drive...

ASUS EEE PC 1002HA and Windows 7

Usually delivered with Windows XP the EEE PC 1002HA is also able to be used with Windows 7. With the official ending of the support (April 8th, 2014) it's now the time to install a newer Windows version.

STEP 1: LATEST BIOS VERSION

But it's a long way to reach the goal: First, it's recommended to update the BIOS to the latest version. If you don't do that Windows 7 will start with a black screen and you can only avoid it by pushing the power button for a few seconds to switch to the sleep mode and pressing the power button again to awake (normal screen will appear). But it's surely annoying to do that after every start.

So, in my case the BIOS had the version 0302 and the last one available is 1004. You can check the version with the Asus Update for EEE PC Update Tool and also update your BIOS (only if you're still using XP). Either try connecting with the internet or try to find the following ROM file by yourself: 1002HA-ASUS-1004.ROM

If you don't have the tool, then you can format an USB device with FAT16 (not FAT32, won't work!!!) and copy the ROM file to it. Rename the file to 1002HA.ROM.

Note: Devices bigger than 4GB can't be used with FAT16!

After that you just simply have to boot from your USB device (with pressing ALT + F2).

Process takes less than a minute

If the process is finished, remove your USB drive and push the power button to reboot the EEE PC.

STEP 2: INSTALL WINDOWS 7

To continue you need an ISO image with Windows 7 which you have to use on the bootable USB drive. The Windows 7 USB/DVD download tool is actually really helpful to convert and copy your image to a bootable USB device (check if it's big enough!).

Before booting from the USB device make sure, you have a backup of the current drive C, in case anything would went wrong.

You also need the files from C:\Program Files\EeePC\ACPI\Driver for installing the ACPI driver afterwards (it will be missed after the installation).

Simply save anything driver and software related EEE PC stuff. The safest way would be a hard disk image.

Finally you can boot from the USB device and install Windows 7. Except ACPI all drivers will be found by the operation system. It will work with just 1GB RAM but upgrading it to 2 won't be a bad idea. Good luck!