Wednesday, December 28, 2016

Integrate drivers into install.wim

Place install.wim on c:\

Copy all drivers to c:\drivers

Deployment Tools from ADK 10 must be installed

Open "Deployment and Imaging Tools Environment" in "Run As Administrator" mode

Create working directory:
if not exist c:\mount md c:\mount
Take a look how much indexes cboot image contains:
dism /get-wiminfo /wimfile:c:\install.wim
Mount boot image:
dism /mount-wim /wimfile:c:\install.wim /index:1 /mountdir:c:\mount
Slipstream drivers:
dism /image:c:\mount /add-driver /driver:c:\drivers /recurse
or
dism /image:c:\mount /add-driver /driver:c:\drivers /recurse /forceunsigned
Umount image:
dism /unmount-wim /mountdir:c:\mount /commit
Make the image as small as possible:
"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" /Export-Image /SourceImageFile:c:\install.wim /SourceIndex:1 /DestinationImageFile:c:\custom.wim /Compress:max
Remove working directory:
if exist c:\mount rd c:\mount /q /s

Tuesday, December 27, 2016

SMS is looking for policy, PXE boot


In my case I just deployed new boot.wim image and forgot to check
"Deploy this boot image from the PXE-enabled distribution point":

Integrate drivers into boot.wim

Place boot.wim on c:\

Copy all drivers to c:\drivers

Deployment Tools from ADK 10 must be installed

Open "Deployment and Imaging Tools Environment" in "Run As Administrator" mode

Create working directory:
if not exist c:\mount md c:\mount
Take a look how much indexes cboot image contains:
dism /get-wiminfo /wimfile:c:\boot.wim
Mount boot image:
dism /mount-wim /wimfile:c:\boot.wim /index:1 /mountdir:c:\mount
Slipstream drivers:
dism /image:c:\mount /add-driver /driver:c:\drivers /recurse
Umount image:
dism /unmount-wim /mountdir:c:\mount /commit
Make the image as small as possible:
"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" /Export-Image /SourceImageFile:c:\boot.wim /SourceIndex:1 /DestinationImageFile:c:\custom.wim /Compress:max
Remove working directory:
if exist c:\mount rd c:\mount /q /s

0x80070490, Failed to Run Task Sequence

I am using legacy mode to deploy Windows 8.1 operating system on a single partition:

I have used this task sequence and already installed operating system from scratch but this time I received:

The reason Why this happened in the first place is that I want to install operating system on the first partition which is only 360MB big:

I solved this case by booting Parted Magic from Hiren 15.2 LiveCD, manually removed all partitions and create one big, single partition.

Sunday, December 25, 2016

pre overflow:auto, Internet Explorer 11

The way how I succeed to set auto scroll option in Internet Explorer 11 is:
pre {
font-size: 110%;
background-color: #f0f3f3;
line-height: 110%;
margin: 2px 0 1em 0;
border: solid gray;
border-width: .1em .1em .1em .2em;
padding: .2em .6em;
overflow: auto;
white-space: pre !important;
word-wrap: normal;
display: block;
font-family: monospace;
}

Thursday, December 22, 2016

Switch between operating systems, VHD boot

I have 3 optional operating systems which can I select during boot.
Sometimes I need to restart the operating system which is running via VHD.
In this case I have automatically redirected to the native system of windows where I need to select what operating system to use.
Then the computer reboots again to finally boot into my pointed system.

That is one additional restart which is not needed at all.

I want to eliminate the unnecessary step.

Lets look at the boot loader situation now:
bcdedit /enum
This will report me:
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {3d6e0d9d-94ef-11e6-b413-9a532a3b8c21}
displayorder            {current}
                        {3d6e0da1-94ef-11e6-b413-9a532a3b8c21}
                        {3d6e0da2-94ef-11e6-b413-9a532a3b8c21}
toolsdisplayorder       {memdiag}
timeout                 10

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {3d6e0d9f-94ef-11e6-b413-9a532a3b8c21}
integrityservices       Enable
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {3d6e0d9d-94ef-11e6-b413-9a532a3b8c21}
nx                      OptIn
bootmenupolicy          Standard

Windows Boot Loader
-------------------
identifier              {3d6e0da1-94ef-11e6-b413-9a532a3b8c21}
device                  vhd=[locate]\win7x64ultimate.vhd
path                    \Windows\system32\winload.exe
description             Windows 7 Ultimate
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {3d6e0d9f-94ef-11e6-b413-9a532a3b8c21}
integrityservices       Enable
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                vhd=[locate]\win7x64ultimate.vhd
systemroot              \Windows
resumeobject            {3d6e0d9d-94ef-11e6-b413-9a532a3b8c21}
nx                      OptIn
bootmenupolicy          Standard

Windows Boot Loader
-------------------
identifier              {3d6e0da2-94ef-11e6-b413-9a532a3b8c21}
device                  vhd=[locate]\win81x64.vhd
path                    \Windows\system32\winload.exe
description             Another 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {3d6e0d9f-94ef-11e6-b413-9a532a3b8c21}
integrityservices       Enable
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                vhd=[locate]\win81x64.vhd
systemroot              \Windows
resumeobject            {3d6e0d9d-94ef-11e6-b413-9a532a3b8c21}
nx                      OptIn
bootmenupolicy          Standard

Basically all options are listed in first section.

Now on the native drive c:\ I places these files:
set-default-native.cmd
bcdedit /default {3d6e0d9e-94ef-11e6-b413-9a532a3b8c21}
shutdown -r -t 0
set-default-7-vhd.cmd
bcdedit /default {3d6e0da1-94ef-11e6-b413-9a532a3b8c21}
shutdown -r -t 0
set-default-81-vhd.cmd
bcdedit /default {3d6e0da2-94ef-11e6-b413-9a532a3b8c21}
shutdown -r -t 0
Every time I decide to use one OS longer than one reboot I set it as default operating system :)

Wednesday, December 21, 2016

HTTrack silent install-uninstall, detection method

silent-install.cmd
@echo off
setlocal EnableDelayedExpansion
set sw=HKLM\SOFTWARE
set u=Microsoft\Windows\CurrentVersion\Uninstall
set n=WinHTTrack Website Copier_is1
reg query "%sw%\%u%\%n%" > nul 2>&1
if not !errorlevel!==0 (

echo %n%

rem look if this is 64-bit operating system
reg query "%sw%\Wow6432Node" > nul 2>&1
if !errorlevel!==0 for /f %%a in ('dir /b "%~dp0httrack_x64-*.exe"') do (
start /wait "" "%~dp0%%a" /SILENT
)

rem look if this is NOT 64-bit operating system
reg query "%sw%\Wow6432Node" > nul 2>&1
if not !errorlevel!==0 for /f %%a in ('dir /b "%~dp0httrack-*.exe"') do (
start /wait "" "%~dp0%%a" /SILENT
)

) else echo %n% already installed

endlocal

silent-uninstall.cmd
@echo off
set sw=HKLM\SOFTWARE
set u=Microsoft\Windows\CurrentVersion\Uninstall
set n=WinHTTrack Website Copier_is1
for /f delims^=^"^ tokens^=2 %%a in ('^
reg query "%sw%\%u%\%n%" /v UninstallString ^|
find "UninstallString"') do (
"%%a" /SILENT
)

Tuesday, December 20, 2016

Slipstream .NET 2.0, 3.0, 3.5, 4.6.2 into Windows 10 x64 source

This is tested on Win10_1607_English_x64.iso at:
https://www.microsoft.com/en-us/software-download/windows10ISO/
88b98698600511dcd69596df92b242e5
99fd8082a609997ae97a514dca22becf20420891

Deployment Tools from ADK 10 must be installed

Use 7-zip and extract Win10_1607_English_x64.iso to c:\

Open "Deployment and Imaging Tools Environment"

List available indexes:
dism /get-wiminfo /wimfile:c:\iso\sources\install.wim
Create working directory:
if not exist c:\mount md c:\mount
Mount index 1:
dism /mount-wim /wimfile:c:\iso\sources\install.wim /index:1 /mountdir:c:\mount
Slistream .NET 2.0, 3.0 and 3.5
dism /image:c:\mount /enable-feature /featurename:NetFx3 /all /limitaccess /source:c:\iso\sources\sxs
Download NDP462-KB3151800-x86-x64-AllOS-ENU.exe
Open with 7-zip and extract x64-Windows10.0-KB3151900-x64.cab to c:\updates

Slipstream .NET 4.6.2:
dism /image:c:\mount /add-package /packagepath:c:\updates\x64-Windows10.0-KB3151900-x64.cab
Close image:
dism /unmount-wim /mountdir:c:\mount /commit
Export only Pro version of Windows 10:
"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\dism.exe" /Export-Image /SourceImageFile:c:\iso\sources\install.wim /SourceIndex:1 /DestinationImageFile:c:\install.wim /Compress:max
Overwrite default wim file:
move /Y c:\install.wim c:\iso\sources
Create iso file:
"C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg\oscdimg.exe" -b"c:\iso\boot\etfsboot.com" -h -u2 -m -l"win10x64" "c:\iso" "c:\win10x64.iso"

Look for used computer electronics, ss.lv

My country has used electronics sales and I am quite in the center on this city.
That means anything can be reachable if I am the first who know about this sale.

I have interested in computer electronics as Raspberry Pi, Banana Pi, Zotac ZBOX, BeeBox.

I found that all new products comes through this url:
https://www.ss.lv/lv/electronics/computers/today-5/

So I created little spider to look if there is anything interesting for me.
This program is a part of the detect script series which I run hourly on Raspberry Pi

This is how I implemented it mainly:
#products I am looking for
keywords=$(cat <<EOF
raspberry
banana pi
bananapi
zbox
beebox
arduino
extra line
EOF
)

#list pages to check. one page includes 30 items
pages2check=$(cat <<EOF
https://www.ss.lv/lv/electronics/computers/today-5/
https://www.ss.lv/lv/electronics/computers/today-5/page2.html
https://www.ss.lv/lv/electronics/computers/today-5/page3.html
https://www.ss.lv/lv/electronics/computers/today-5/page4.html
https://www.ss.lv/lv/electronics/computers/today-5/page5.html
extra line
EOF
)

#take one page by page and look for all intems for sale
printf %s "$pages2check" | while IFS= read -r onepage
do {

echo "processing $onepage"

#download one page
python ../html-downloader.py $onepage $tmp/product.log

#create a list of all items
items2check=$(sed "s/\d034/\n/g" $tmp/product.log | grep "^/msg" | sort | uniq | sed '$athis is last line')
#echo "$items2check"

#take one item by item on compare it to database
printf %s "$items2check" | while IFS= read -r item
do {

#looking in las 9999 lines in database if this item hass been parsed already
tail -9999 $db | grep "$item" > /dev/null

if [ $? -ne 0 ]; then
#there is unchecked items on the internet
echo new = $item

#extract the main text from div#msg_div_msg
msg_div_msg=$(wget -qO- www.ss.lv$item | sed "s/<div/\n<div/g" | grep -v "<div.*ads_sys_div_msg\|<script" | grep -A100 "msg_div_msg" | sed "s/<\/div>/\n<\/div>\n/g" | sed '/<\/div>/,$d' | sed -e "s/<[^>]*>//g")

#take all keywords and look if there are any content on main text
printf %s "$keywords" | while IFS= read -r key
do {
echo "$msg_div_msg" | grep -i "$key"
if [ $? -eq 0 ]; then

#send email to all people in [maintenance] file
emails=$(cat ../maintenance | sed '$aend of file')
printf %s "$emails" | while IFS= read -r onemail
do {
python ../send-email.py "$onemail" "$key found" "www.ss.lv$item 
`echo "$msg_div_msg"`"
} done

fi

} done
#end of keywords

#set this item as parsed
echo "$item">> $db

else 
#this item is already in database
echo old = $item
fi

} done
#end of item check

} done
#end of page check

#clean and remove whole temp direcotry
rm $tmp -rf > /dev/null

Full code can be found:
https://github.com/catonrug/ss-look/blob/master/check.sh

Failed to start A high performance web server and a reverse proxy server

I am running nginx on Raspbian Jessie operating system.

I just created new virtual host and reloaded nginx service:
/etc/init.d/nginx restart
Now I got:
[....] Reloading nginx configuration (via systemctl): nginx.serviceJob for nginx.service failed. See 'systemctl status nginx.service' and 'journalctl -xn' for details.
 failed!
Turns out I can test if the configuration file is OK with:
nginx -t -c /etc/nginx/nginx.conf
This time it says:
nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 32
nginx: configuration file /etc/nginx/nginx.conf test failed
Lets check what this setting is in config:
grep server_names_hash_bucket_size /etc/nginx/nginx.conf
And it says that it is not configured:
        # server_names_hash_bucket_size 64;
OK lets increase this as it says:
sed -i "s/^.*server_names_hash_bucket_size..*;$/server_names_hash_bucket_size 64;/" /etc/nginx/nginx.conf
Check again:
grep server_names_hash_bucket_size /etc/nginx/nginx.conf
Its good now:
server_names_hash_bucket_size 64;
Lets test config file:
nginx -t -c /etc/nginx/nginx.conf
This now says:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Got to go:
/etc/init.d/nginx restart

Monday, December 19, 2016

Sunday, December 18, 2016

Saturday, December 17, 2016

Windows 8.1 updates stuck forever

For 64-bit system download:
http://download.windowsupdate.com/c/msdownload/update/software/updt/2015/04/windows8.1-kb3021910-x64_e291c0c339586e79c36ebfc0211678df91656c3d.msu
http://download.windowsupdate.com/c/msdownload/update/software/updt/2016/07/windows8.1-kb3172614-x64_e41365e643b98ab745c21dba17d1d3b6bb73cfcc.msu
For 32-bit system download:
http://download.windowsupdate.com/c/msdownload/update/software/updt/2015/04/windows8.1-kb3021910-x86_7e70173bec00c3d4fe3b0b8cba17b095b4ed2d20.msu
http://download.windowsupdate.com/c/msdownload/update/software/updt/2016/07/windows8.1-kb3172614-x86_d11c233c8598b734de72665e0d0a3f2ef007b91f.msu
Unplug Internet connection

Open Command prompt in Run As Administrator mode and clear update cache
net stop wuauserv
rd %systemroot%\SoftwareDistribution /Q /S
SC sdshow wuauserv
SC sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
Install KB3021910 and KB3172614

Plug back the internet connection.

Open Command prompt in Run As Administrator mode and clear update cache and start detecting new updates
net stop wuauserv
rd %systemroot%\SoftwareDistribution /Q /S
SC sdshow wuauserv
SC sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
wuauclt.exe /detectnow
Related:
https://support.microsoft.com/en-us/kb/3172614#bookmark-prerequisites

Friday, December 16, 2016

Thursday, December 15, 2016

Disable SmartScreen Filter, Windows Defender

SmartScreen Filter can be turned off via Internet Options Advanced tab:

Open control panel and search for "Defender":

Here is video of real world situation:

Wednesday, December 14, 2016

Block websites using Mikrotik router

First I need to create some reg expressions.

To block one site I can use:
^.+(izismile.com).*$
To block multiple sites I can use:
^.+(facebook.com|youtube.com).*$
So I create this expression in Layer7 section:

Now I note down what is my actual local network:

Hands on. Create new firewall rule:

Select forward chain and write down your address scope.
I can write 192.168.99.1/24 but it will be converted to 192.168.99.0/24:
Scroll down a lot till the section Filter appears.
Select Later7 protocol: name of layer7 rule:

Scroll down till bottom. Select action drop:

Scroll to the top of page and click [Save]

Now move the rule before any other forward Accept rule!

No need to restart anything. Everything works instantly :)

Tuesday, December 13, 2016

Download Windows 7 Ultimate SP1

Use Google Chrome and go to:
https://www.microsoft.com/en-us/software-download/windows10ISO/

Click "Inspect" on "Select Edition" and modify the Options Modify option list:
<select id="product-edition" href="#product-info-content">
<option value="" selected="selected">Select edition</option>
<option value="8">Windows 7 Ultimate</option>
<option value="245">Windows 10 N</option>
<option value="246">Windows 10 Single Language</option>
</select>

Click "Confirm" and select Language and Confirm again.

Here is video:

Sunday, December 11, 2016

Saturday, December 10, 2016

Install Windows Update module for PowerShell

Enable PowerShell scripts to run locally:
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\PowerShell" /v EnableScripts /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\PowerShell" /v ExecutionPolicy /t REG_SZ /d RemoteSigned /f
Download WindowsUpdate module:
https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc

Extract archive to:
%WINDIR%\System32\WindowsPowerShell\v1.0\Modules
Open PowerShell

Import WindowsUpdate module:
Import-Module PSWindowsUpdate
Show installed updates:
Get-WuList -IsInstalled | sort KB | ft KB,Title -AutoSize
Check which updates are needed:
Get-WuList -WindowsUpdate -MicrosoftUpdate | sort KB | ft KB,Title -AutoSize 
Show only the KB codes:
Get-WuList -WindowsUpdate -MicrosoftUpdate | sort KB | % {$_.KB}

Friday, December 9, 2016

Before, after enable VPN, Mikrotik

I am doing Mikrotik router reset (without restore from backup) and this is my basic preparation:
1) set up router name
2) set country
3) set password for wireless
4) change subnet octet
5) apply configuration
I am setting this up via wireless connection.

This means when I hit [Apply Configuration] I will be automatically disconnected from wireless network!

I must connect to the new wifi network now.

I am barely know how to work wit Firewall Rules and NAT. This time my plan is to take some screenshots with default firewall rules and NAT configuration. Maybe I will learn something :)

I will enable VPN and the look what is changed:

The result is this..

By default on RouterOS have 7 firewall rules:

After enabling VPN there are three more rules:
Now I know what created these rules. The checkbox which I pressed once created these rules. This is important. I know where this content should be always located. Before any drop action I guess.

NAT section before VPN:

After VPN was activated there is new masquerade. What is that means?
Ok. I will leave it there forever.

Thursday, December 8, 2016

Upgrade/Install Adobe Reader 11.0.19, SCCM

Download files:
http://ardownload.adobe.com/pub/adobe/reader/win/11.x/11.0.00/en_US/AdbeRdr11000_en_US.msi
4eb9eaf5326d61ef4de30b353e878551
8cc8a0dbb57ad3efbbb930f945287fb63247a20a

http://ardownload.adobe.com/pub/adobe/reader/win/11.x/11.0.19/misc/AdbeRdrUpd11019.msp
615a18034c41dd718e99eb5be8698340
98fdf7a15fb2486ee7257767296d4f7a0a62ac92

silent-install.cmd
@echo off
setlocal EnableDelayedExpansion
set U=Microsoft\Windows\CurrentVersion\Uninstall
set v=DisplayVersion
set v110={AC76BA86-7AD7-1033-7B44-AB0000000001}
if "%ProgramFiles(x86)%"=="" (
set SW=HKLM\SOFTWARE
) else (
set SW=HKLM\SOFTWARE\Wow6432Node
)
reg query "%SW%\%U%\%v110%" > nul 2>&1
if !errorlevel!==0 (
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.00"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.01"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.02"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.03"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.04"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.05"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.06"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.07"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.08"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.09"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.10"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.11"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.12"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.13"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.14"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.15"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.16"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.17"
if !errorlevel!==0 goto reinstall
reg query "%SW%\%U%\%v110%" /v %v% | findstr "11.0.18"
if !errorlevel!==0 %systemroot%\system32\msiexec.exe /p "%~dp0AdbeRdrUpd11019.msp" /qn
goto AdobeRdrOK
)
:reinstall
for %%a in ({AC76BA86-7AD7-1033-7646-A00000000001} ^
{AC76BA86-7AD7-1033-7B44-A70000000000} ^
{AC76BA86-7AD7-1033-7B44-A71000000002} ^
{AC76BA86-7AD7-1033-7B44-A80000000002} ^
{AC76BA86-7AD7-1033-7B44-A81000000003} ^
{AC76BA86-7AD7-1033-7B44-A82000000003} ^
{AC76BA86-7AD7-1033-7B44-A83000000003} ^
{AC76BA86-7AD7-1033-7B44-A90000000001} ^
{AC76BA86-7AD7-1033-7B44-A91000000001} ^
{AC76BA86-7AD7-1033-7B44-A92000000001} ^
{AC76BA86-7AD7-1033-7B44-A93000000001} ^
{AC76BA86-7AD7-1033-7B44-A94000000001} ^
{AC76BA86-7AD7-1033-7B44-A95000000001} ^
{AC76BA86-7AD7-1033-7B44-AA0000000001} ^
{AC76BA86-7AD7-1033-7B44-AA1000000001} ^
{AC76BA86-7AD7-1033-7B44-AB0000000001}) do (
reg query %SW%\%U%\%%a > nul 2>&1
if !errorlevel!==0 (
echo Found version:
reg query %SW%\%U%\%%a /v %v% | find "%v%"
echo Uninstalling..
%systemroot%\system32\msiexec.exe /x%%a /qn /norestart
)
)
echo Adobe Reader
start /wait "" %systemroot%\system32\msiexec.exe ^
/i "%~dp0AdbeRdr11000_en_US.msi" ^
PATCH="%~dp0AdbeRdrUpd11019.msp" ^
EULA_ACCEPT=YES /qn /norestart
:AdobeRdrOK
endlocal

Detection rule for version 11.0.19:
Key:
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AB0000000001}
Version:
184549395
Add detection rule for Adobe Reader DC also:
Key:
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
Let the computer have booth versions:

Wednesday, December 7, 2016

Must have img css settings

I was looking for this settings quite a wile:
img {
max-width: 100%;
height: auto!important
}
Responsive view is minimal requirements to enter web world. This will allow display image in native resolution if page width is wide enough and it will shrink down image if page width gets smaller :)

Edit subject in received mail, Outlook 2016

Outlook 2016.

I can open some Email Item in full item mode when I can reply or forward.

Turns out I can edit original subject of email and then save email item:

How can it be allowed? :@

Adobe Reader has stopped working, BEX, AcroRd32.exe

My situation is Windows 7 64-bit and Adobe Reader 11.0.18 and I got:

Problem signature:
  Problem Event Name: BEX
  Application Name: AcroRd32.exe
  Application Version: 11.0.0.379
  Application Timestamp: 505fd19e
  Fault Module Name: AcroRd32.exe
  Fault Module Version: 11.0.0.379
  Fault Module Timestamp: 505fd19e
  Exception Offset: 00012a02
  Exception Code: c0000409
  Exception Data: 00000000
  OS Version: 6.1.7601.2.1.0.256.48
  Locale ID: 1062
  Additional Information 1: f4fc
  Additional Information 2: f4fcbb525d47d76d36ee149cfea9defc
  Additional Information 3: e4fb
  Additional Information 4: e4fb5d0897a72a7985a375aaaa705924

Read our privacy statement online:
  http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
  C:\WINDOWS\system32\en-US\erofflps.txt
BEX stands for Buffer Overflow Exception.

I find out I can temporary solve this error by unloading Antivirus.
In my scenario I have TrendMicro OfficeScan and I unloaded it :)

Port 80 NAT, Mikrotik RouterOS DNS

I have this VPN address which nicely works as public DNS.
If my IP address changes the DNS will catch it and stick to the new one.

Basically the public DNS of Mikrotik router looks like this:
xxxxxxxxxxxx.sn.mynetname.net

I am testing Wordpress future and now I am hosting on internal address 192.168.99.62
How do I make so the page can be assigned from outside world via this DNS?

Go to IP -> Firewall -> NAT. Click [New]

Fill the general settings:

Scroll down to actions:

Write comment at the very bottom:

Scroll to the top and hit [OK]

The result:

Appendix:
There is nothing special on firewall rules section. So everything should work out of the box :)

Tuesday, December 6, 2016

certbot-auto renew --dry-run, Failed authorization procedure

Since I have learned how to assign free SSL certificate in Wordpress I need make sure I am able to renew this certificate using build in command:
certbot-auto renew --dry-run
Not luckily for me this does not work at all:
# certbot-auto renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/5d61050b753b.sn.mynetname.net.conf
-------------------------------------------------------------------------------
Cert not due for renewal, but simulating renewal for dry run
Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for 5d61050b753b.sn.mynetname.net
Waiting for verification...
Cleaning up challenges
Attempting to renew cert from /etc/letsencrypt/renewal/5d61050b753b.sn.mynetname.net.conf produced an unexpected error: Failed authorization procedure. 5d61050b753b.sn.mynetname.net (http-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for 5d61050b753b.sn.mynetname.net. Skipping.
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/5d61050b753b.sn.mynetname.net/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: 5d61050b753b.sn.mynetname.net
   Type:   unknownHost
   Detail: No valid IP addresses found for
   5d61050b753b.sn.mynetname.net

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.
I solved this case with:
Workaround is to use another command:
certbot certonly --force-renewal -a webroot -w /var/www/5d61050b753b.sn.mynetname.net -d 5d61050b753b.sn.mynetname.net

Sunday, December 4, 2016

25 GB VHD, OS template for video tutorial

I am preparing operating system template which later will be used to put some video in history. I mean create some video tutorial.

This is my must have configuration.
  • 25 GB hard drive - VHD
  • Operating system is running only on one partition
  • Native hardware support
  • VHD is running on the top of SSD
  • Windows 7 64-bit Ultimate. VHD technology can be used with Enterprise or Ultimate version only
  • Windows Updates (200+) are installed
  • Action Center messages are hidden for current user
  • reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v HideSCAHealth /t REG_DWORD /d 1 /f
  • System Restore are off. And last system restore point has been deleted

  • Internet Explorer first run are disabled for all users
  • reg add "HKLM\Software\Policies\Microsoft\Internet Explorer\Main" /v DisableFirstRunCustomize /t REG_DWORD /d 1 /f
  • Page file is Off from C:\ drive

  • Set default Internet Explorer home page to about:blank
  • reg add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t reg_sz /d "about:blank"
    Or sometimes I set it to https://catalog.update.microsoft.com/v7/site/home.aspx:
    reg add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t reg_sz /d "https://catalog.update.microsoft.com/v7/site/home.aspx"

  • Clear Internet Explorer browsing history on exit, define details

  • Windows Update reset script in hand.
  • net stop wuauserv
    rd %systemroot%\SoftwareDistribution /Q /S
    SC sdshow wuauserv
    SC sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
    wuauclt.exe /detectnow
    This is needed if I backup operating system then I remove %systemroot%\SoftwareDistribution before doing it

  • Visual settings mostly are off

  • Do not let any fade colors



  • Use small icons at the taskbar, Never items

  • Start menu privacy
  • Set CCleaner at the LogOff.

Check for Windows 7 updates forever

Suddenly my Slipstream Internet Explorer 11 project into Windows 7 retrieves bad result. The Windows 7 update check goes forever:

What to do?

I need to open Internet Explorer and go to https://catalog.update.microsoft.com/v7/site/home.aspx

Now I seach and add to the cart these updates:
KB3020369
KB3172605
I download these updates while drinking a cup of tea.

I install these files and then I restart computer.

After the restart I do again hard reset for update cache with these commands:
net stop wuauserv
rd %systemroot%\SoftwareDistribution /Q /S
SC sdshow wuauserv
SC sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
wuauclt.exe /detectnow
Now I check again updates, wait 15 minutes and.. Boom! I got bunch of them :)

Blog Archive