Windows Update using PowerShell

Introduction

They say that dementia is being diagnosed in younger people. Trust me I can believe that statement, because I’ve spent the past couple of weeks banging my head against a brick wall just because people have been told by others to disable User Account Control (UAC) and modified their update settings.

The reality is that a few people who should know better, trust me they should know a lot better, has taken a telephone call from Microsoft engineers who have advised them that they have a serious security issue with their computer and need to run a program that will be sent to them via e-mail. But in order to run the program they need to disable User Account Control (UAC). Once they have given their e-mail address, they are told that the program has been sent to them. Whilst they are still talking to the Microsoft engineer, who has called them by the way, they mentioned that the e-mail had not arrived. They were advised to check their spam folder, and move the e-mail into their inbox and save the attachment before running the program.

Once they have run the program the caller says that the security issue has been resolved and after completing a quick telephone survey the caller has rung off, and they are left alone to happily use their compromised system.

One lady asked for help when she noticed that her computer would not connect to the internet, she thought “that the Microsoft engineer who called had possibly caused that issue, because she could surf the web before”

At least two of the computers I’ve worked upon, in the past couple of weeks, belong to system administrators, or senior IT managers who should know better.

Am I really surprised by this?

The easy answer is NO, because I know a very senior Infrastructural System Security Manager who once clicked upon a message that arrived through his corporate messenger system saying that the person – who he had never met or previously communicated with, had a picture of his Mother. Then wondered why his system became infected. Honestly I did not laugh loud enough; but I was also stunned both at the logic behind his stupidity and blind logic, that the message arrived through his corporate messenger and he knew that his computer system was so secure it could not be hacked.

I am stunned though by the number of people, who many would consider to be very educated and should know better, who will blindly accept the explanation that a Microsoft engineer will call them personally in order to resolve a very severe security issue.

I have to admit that the person who said they had lost money out of their bank account did report the situation to the police, and suffered the embarrassment of having to admit that they were stupid. Needless to say that I swapped out the hard drive and rebuilt the system. Whilst somewhat nasty, that person will – hopefully – never repeat that mistake again.

The result is that I’ve spent a while working on several other systems. A brief check-up found that the anti-virus software had been disabled, and a check-up concerning downloaded updates showed that the systems had not clip_image001been updated since patch-Tuesday in August.

If you happen to receive a telephone call from a Microsoft Professional who is offering to resolve a very serious security issue, please do what my other half does & tell them that you are running a Raspberry Pi, or PC-BSD.

PowerShell is a powerful tool

Clicking away at the command line gave a few answers, but PowerShell (PS) provided the answer to the problem.

I first used PS back in 2006, as it was introduced during the beta testing of Windows Vista. I hold my hands in the air and admit that I am the world’s worst scripter; & there are many who will testify to this statement. Whilst I am happy working with the command line, I felt uncomfortable using PS and shied away from using it.

What I failed to realise was that PowerShell offered a very powerful management interface to the user. It was only last year that I realised my mistake, and where I would stumble around PowerShell, using it as a convenient variant of the command line this time PowerShell provided the solution very quickly and I have started to appreciate that it was a powerful tool. Today I’m a lot more appreciative, and use it more often.

Windows Update using PowerShell

Okay, as I’ve already mentioned I am not a scripter so please forgive the long windedness of this post as I try and explain what I did. If you are still reading this I believe that you have a little knowledge concerning PowerShell – although that is not essential.

Rightio, it’s time to fill that flagon with a caffeine infused beverage …

Back in 2014 I was looking for another answer and stumbled across a post written by Michal Gaida who wrote a group of versatile scripts that have been bundled into the Windows Update Module for PowerShell that was posted upon the ‘Scripting Guys’ website (https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc).

Download PSWindowsUpdate.zip

Download the ‘PSWindowsUpdate.zip’, once the file has downloaded right-click the .zip file and select ‘Extract Here’

  • %USERPROFILE%\Downloads\PSWindowsUpdate

Once the file has been extracted you need to launch PowerShell with ‘Administrator’ privileges. Once PowerShell has launched you need to modify the execution policy

  • Set-ExecutionPolicy Unrestricted

Or

  • Set-ExecutionPolicy RemoteSigned

Click ‘Yes’ or ‘Yes to All’

Now that you have extracted the file, you need to copy the folder to the modules folder. Yes there are a few ways that this can be achieved, either using Windows Explorer, the command line or because we already have PowerShell open we will use PowerShell.

Type the command

  • Copy-Item –Path “C:\Users\yourprofile\Downloads\PSWindowsUpdate” –Destination “C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate” –Recurse –Force

This command is equivalent to either of the following commands entered at the command prompt (using Administrative privileges)

  • XCopy %UserProfile%\Downloads\PSWindowsUpdate\*.* %WinDir%\System32\WindowsPowerShell\v1.0\Modules\*.* /h/i/c/k/e/r/y

Or

  • RoboCopy %UserProfile%\Downloads\PSWindowsUpdate\ %WinDir%\System32\WindowsPowerShell\v1.0\Modules\ /CopyAll /E /R:0

Unblocking the extracted file

Unblock2Now that you have copied the folder, and its contents, to the Modules folder you need to Unblock the folder. Although you have modified the execution policy you are still likely to receive ‘security warnings’ when you attempt to execute the commands. This is because PowerShell uses Internet Explorer’s zone settings, and the file that you have downloaded, extracted and copied, is marked as being delivered from the Internet Zone.

Again there are a couple of ways of ‘Unblocking’ the folder, and its contents,

The way to achieve this through PowerShell is

  • Get-ChildItem C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate -recurse | unblock-file

Note

  • The command Get-ChildItem can be abbreviated to ‘GCI’ or ‘gci’
  • The ‘-Recurse’ switch unblocks parent and child folders. If this argument is omitted the child folders, and their contents, will be ignored and only those files held within the parent directory will be unblocked

If you are using the command line “Takeown /f:” C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate\*.*” /R

Note

/R is Recurse, and instructs the Takeown command to operate on files within the specified parent and child directories

You can also use Windows Explorer and navigate to the “C:\Windows\System32\WindowsPowerShell\v1.0\Modules” folder, right-click the “PSWindowsUpdate” folder selecting Properties, and then click ‘Unblock’ then OK.

Importing the module

Now that the files have been copied, and unblocked, you need to import the shared module in order to run the command. This is achieved by

  • Import-Module C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate

The command Import-Module can be abbreviated using ‘ipmo’ instead of Import-Module.

Running Windows Update using PowerShell

Now that you have imported PSWindowsUpdate you need to know which commands are available to you. In order to achieve this you need to use the command

  • Get-Command –Module PSWindows*

Or

  • GCM –Module PSWindows*

Firstly you need to know what updates are available, this can be achieved by running

  • Get-WUList –MicrosoftUpdate

clip_image004

Then to download and install the available updates you need to run one of the following commands

  • Get-WUInstall
  • Get-WUInstall –AcceptAll –Verbose Software
  • Get-WUInstall –AcceptAll –Verbose Driver
  • Get-WUInstall –AcceptAll –AutoReboot -Verbose

clip_image005

clip_image006

clip_image007

clip_image008

Windows Defender Update and Scan using PowerShell

Throughout this post I have written the text that you need to type in bold and Purple.

If you receive an error whilst running PowerShell explaining that you cannot execute the command due to restrictions, type “Set-ExecutionPolicy Unrestricted” and then press “Y” or “A” in answer to the question. This command removes qny restrictions that will have been set.

I received a frantic telephone call from a friend during the weekend. They were calling for help because their Windows Defender could not be updated using had been turned off, and when they managed to turn it back-on they could not update the signatures, nor could they scan their computer.

Alright, they are not the first person that this has happened to, and I doubt that they will be the last either.

A few years back I helped someone else who had a similar issue, and used PowerShell to resolve the issue.

Firstly you need to launch PowerShell

  • · Click on Search (Win 7), “Win+C” (Win 8x) or Cortana (Win 10) and type “PowerShell
  • · Now right-click Windows PowerShell and select “Run as Administrator”

cortana

Alternatively in Win 8x & Win 10 press the “Win Key + R” and type (with quotations) “%userprofile%\appdata\roaming\microsoft\windows\start menu\programs\windows powershell”. Then right-click Windows PowerShell and select “Run as Administrator”

Now that you have opened Windows PowerShell, the fun begins

Firstly, we need to know when your Windows Defender signature was last updated

Type “get-mpcomputerstatus | select *updated, *version” – This command will give you information concerning the last time your virus signature was updated. You can repeat this command, by pressing the up-arrow until it is shown, once the virus signature has been updated (below) to confirm that the signature has been updated.

get-mpcomputerstatus_updated_version

To update your virus signature type “Update-MpSignature

Signature_Update

Once your signature has been updated you are now able to initiate an anti-virus scan using Windows Defender through the PowerShell command-line.

The command “Start-MpScan” also allows you to state what type of scan you wish to initiate, as well as the scan path; which can be the system hard drive (C:\), a folder or even a remote UNC path

  • · FullScan
  • · QuickScan
  • · CustomScan

Type “Start-MpScan –ScanType FullScan” .. or “Start-MpScan –ScanType QuickScan

scan

That’s it folks, I can’t really make it any more complicated than that. It’s sweet and simple.

Just for information

A while back Microsoft launched “Windows Defender Offline”, which can be downloaded from Windows Defender Offline – Instructions & Download. This website also contains instructions upon how to use the package.

Extract the .wim image in Windows 10, Windows 8x & Windows 7

Converting the .esd to .wim is fairly straight forward, using the inbuilt Microsoft Deployment Image Servicing and Management (DISM) Command-Line.

There are more than a few uses for the DISM command, and I’ll cover more command options, as I get to use the command more often. This post is intended to provide the indication of extracting a .wim file from the .esd file provided within Win8x & Win10. The DISM command can also be used in Win7. I recently used the DISM command to extract the .wim file so that I could repair a corrupt installation on a friends computer. So this post is based upon a lesson learnt, after resorting to the books, following a head banging session 😦 in total frustration. I hope it helps you

Many Thanks .. Arfs

There are those who know me quite well, and will agree that I do not like downloading software just because it may be needed; and I certainly do not like paying for software that achieves the same function as the inbuilt command-line functionalities. But each to their own. Some people just don’t want to learn.

OKay, back to the .esd & .wim issue.

A little history

Prior to 2006 the operating system that we wanted was purchased as an individual disc. Then in 2006 Windows Vista introduced the ‘Windows Image Format’ (.wim). This meant that all future incarnations of Windows would be provided on a single DVD, or .iso file, and the installation would be dictated by the license key entered.

The .wim file introduced the provision for a true ‘hardware agnostic’ build that significantly improved the initial build time, from 45 minutes for Win XP Pro to 15 minutes for Win Vista Ultimate. The .wim file was also bootable.

Windows 8 introduced the Electronic Software Delivery file (.esd) which allowed for an inline upgrade. Now many e-commerce websites are using .esd files to deliver their software.

There are some websites out there who will tell you that in order to manage, and manipulate, the .esd file that is found within the ‘..\sources\’ directory, but you don’t need to download any software, (e.g. WinReducer Wim Converter – others are available); just use the command-line tools.

For this posting I’m going to use a Win 8.1×64 .iso image that has been ‘mounted’ as a virtual image within Windows File Explorer as F:\ (You just need to change F:\ to the drive that you have mounted) and the inbuilt Microsoft Deployment Image Servicing and Management (DISM) Command-Line utility (https://msdn.microsoft.com/en-us/library/jj980032(v=winembedded.81).aspx).

Once the drive has been mounted navigate to ‘f:\sources\install.esd’


Now open the command prompt with admin privileges (command prompt (admin))

 

 

  • WinKey + X, or Right-click the Windows Symbol – which will open the ‘Context Menu’
 


 

  • Left-click ‘Command Prompt (Admin)‘ & agree to UAC – ‘Yes’
  • Type the command “C:\>dism /export-image /sourceimagefile:”F:\sources\install.esd” /sourceindex:1 /destinationimagefile:”D:\Wim_Extract\Install.wim” /compress:recovery” – or /compress:maximum .. Without the quotations
 

 

  • The resulting .wim file

The following article has been posted on the TenForums website, and explains how to repair a corrupted Windows 10 image using the DISM command within PowerShell .. http://www.tenforums.com/tutorials/7808-dism-repair-windows-10-image.html .. I have read the article, and will give the link rather than republish the information, and give credit to the author ‘Brink’

Windows 10 Desktop Background Wallpaper–issues & resolution

If you are running Windows 10 and miss the ability to display your desktop images as a slideshow, in the way you could with Win Vista, Win 7 & Win 8x then maybe this  is the answer that you are looking for ….

Don’t get me wrong, I like Windows 10. It sometimes frustrates me in the way that the settings have changed, but moving towards a single environment of computer, mobile and entertainment is always going to experience a few bumps along the way .. trust me there are a lot more steps along the way. Some we will like, and others will not always meet the general approval of a few users.

One of the things that frustrates me about Windows 10 is the loss of my ability to manage my wallpaper. Heck I could select my wallpaper in Vista, Win 7 & Win 8x, so why can I not manage my desktop settings to display a collection of my personal pictures rather than the “Windows SlideShow”?

The easy answer is you can.

OKay, open the command prompt with admin privileges (command prompt (admin))

  • WinKey + X, or Right-click the Windows Symbol – which will open the ‘Context Menu’ .. pic1
  • Left-click ‘Command Prompt (Admin)’ & agree to UAC – ‘Yes’ ..
  • Type the following “control /name microsoft.personalization /page pagewallpaper” – without the quotations .. pic2
  • Press Return .. pic3

This will now open the old recognizable personalisation interface that you recognise from Win Vista, 7 & 8x.

Note:

If you attempt to modify the registry settings

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX]

“IsConvergedUpdateStackEnabled”=dword:00000000

You will find that you do not hold the privileges to modify the registry key; and if you create a .reg key, you will find that you receive the same response.

Note:

Although it’s not a perfect solution it is a solution.

 
context_Menu2
Pic1 – Context Menu
cmd2
Pic2 – Command Prompt (Admin) & command line
Personalisation
Pic3 – Windows Personalisation – Win Vista, Win 7 & Win 8x

Lync to become Skype (for Business)

BREAKING NEWS ….

In some instances progression is really regression, or maybe it’s just a case of rebranding a fully functional client with a name that the younger generation know & understand.

Watch this space, because on Wednesday 18th March 2015 Microsoft Lync (nee Office Communications Server, Live Communications Server) will change its name to Skype for Business.

For those of you who know me well, will understand where I’m coming from here.

The rebranding of Lync (formerly Real Time Communications-Alfa, Live Communications Server & Office Communications Server) is the passing of a brilliant system and the witnessing of the dumbing down of corporate communications to a something that is know to the younger generations who want external contact; this also makes it easier for third-party suppliers.

Maybe it’s a way of evolving a evolving a “nice to have” social media client that many of the younger generation associate with social IM, P2P video & an incorporated telephony client into the corporate world. But IMHO Skype will fail to deliver that which has been delivered by Lync (and its previous incarnations) just because it’s being dumbed down.

I do not use Facebook, but this video, by Zig Serafin (Corporate Vice President Skype Business Services) was published on Facebook on the 12th March. Announcing that Skype for Business would be launched on Wednesday March 12th. (https://www.facebook.com/video.php?v=10152821623341884&set=vb.123768126883&type=2&theater).

I have difficulty accepting that SfB (Skype for Business) will be able to provide everything that Lync has grown to offer since LCS was first rolled-out in 2005/06.

RTC-A & LCS grew out of the requirement for the protection of corporate messaging.

In the days before RTC-A, corporate messaging for chaotic. The client that was installed depended upon the consensus of team members, and interactions with other teams; the team as a core may well have had MSN, Yahoo, ICQ ect installed. Then those who interacted with other teams may well have had another IM client installed. This meant that in all reality there was no standard corporate IM, & you could not hope to stop team members passing corporate documents to a personal address or IM client.

RTC-A introduced a static client that could be installed throughout the corporate environment, with the advantage being that IM was limited to within the corporate network.

When the lessons from RTC-A had been learnt & the software developed into LCS; there were many advances. But the biggest advance was when we developed Public IM Gateways – a portal through the firewalls allowing IM with customers & suppliers.

If you have Lync installed within your corporate environment today, you have a very stable and versatile corporate messaging client that has a greater function than just purely the provision of IM.

Sadly whilst Skype offers the functionality of  telephony, it follows the same principle of Live Call – remember the ability to call from MSN ? – in that your breakout point is your in-country telephone provider .. if you call a US based telephone from a UK based Skype\Microsoft account then you initiate the call from the UK. Whereas if you were using Lync & had an office in the US – also running Lync -then the call would be routed from the UK to the US via the corporate network & breakout using the US telephony system; which effectively meant that you had an in-country call rather than an international call.  In all reality this is called virtual networking (VNet, or VNetting – the ability to route your telephony requirements through the corporate network, rather than breaking out to public telephony network & then re-entry to the corporate infrastructure).

Personally I’m waiting to find out what will be offered, and whether it will be an advantage to that which is already offered, but Microsoft is claiming that SfB will provide many new features which will include:

  • A familiar interface, which uses “The familiar Skype icons for calling, adding video & ending a call” – WOW! an advancement for the mere stupid
  • Skype call monitor, which will keep the active call visible in a small window even when the user changes focus to another application. – WOW! this already works with Lync
  • Better Skype integration. In addition to instant messaging and audio calling with Skype, Skype for Business adds video calling and the Skype user directory, so you can call any Skype user on any device. – This already works with Lync .. my desktop, laptop, tablet, & phone (Windows, Droid & fruit based .. my better looking other half uses Lync on her Droid & me on my Win Lumia, with FULL audio visual & desktop sharing)
  • More efficient design. Common tasks can be completed with fewer steps. For example, transferring a call now takes only one touch or click instead of three. – Advancement

SfB will be an automatic rollout Office 365 for business customers in the weeks and months ahead. Those with on-premises Lync servers will need to upgrade to Skype for Business manually.

What a self centred egotistical arogant manual ejaculate !

Yes I say this openly .. afterall it’s written on the W3 so it will never be hidden, and I say it openly & honestly; for this manual ejaculate could never find his bloated posterior using a GPS handset, having received a complementary two day tutorial or having to ‘oogle the use of wetwipes. In fact I believe that if you could measure his egotistical IQ then he would also be confirmed as being pregnant. In fact an amoeba has a greater brain quality than this …..

Maybe this is one of those days that confirms “on certain days democracy sucks”, just because idiots like this have a say .. Okay, rant over, but this IDIOT should have his publishing rights removed & his editor called into question.

This is the article in question & the pompous manual ejaculate even include a picture of himself, just so you know he means business .. maybe he should have posed as a 1930’s personal detective

http://www.infoworld.com/article/2690889/microsoft-windows/windows-10-youre-welcome-microsoft.html

What more can I say ?

Can’t Activate Windows 10 TechP (Error Code 0x800732B)

Here’s an interesting one for you ..

Having recently rebuilt one of my test boxes I found that I could not activate Win10 TechP Build 9926, and received the error code 0x800732B.

The build is supposed to be pre-activated, so this error caused a raised eyebrow, especially as I do not have a KMS installed in my test infrastructure. – I’ve spent enough hours viewing this error code when I initiated a KMS whilst testing Vista & deploying early builds of Win7 in a corporate environment.

Casting my memory back & browsing through my previous build notes, I stumbled across the answer ..

You can use the key.vbs script (Below) to obtain your Windows key, but this will not allow activation …

Press +R (Run)

Type “SLUI 3” – without the quotes & remember to include the space!

This will launch the interface (below)

Enter the license key .. PBHCJ-Q2NYD-2PX34-T2TD6-233PK .. This key is provided for recovery scenarios and cannot be used for normal activation .. which will activate against the Microsoft KMS

You should now be up and running

Copy the script below into Notepad – other text editors are available – & save it as “WinKey.vbs”

Apologies, I am the world’s worst script kiddie – there are plenty of people who will attest to this because they’ve spent hours debugging my buggy attempts at code. The code below was copied from the web. I’ve had it for a while so sadly I cannot say who wrote the code, or remember the website that I copied it from; so if you are the original author I apologise for not being able to give you the credit that you deserve …

Option Explicit

Dim objshell,path,DigitalID, Result

Set objshell = CreateObject(“WScript.Shell”)

‘Set registry key path

Path = “HKLMSOFTWAREMicrosoftWindows NTCurrentVersion”

‘Registry key value

DigitalID = objshell.RegRead(Path & “DigitalProductId”)

Dim ProductName,ProductID,ProductKey,ProductData

‘Get ProductName, ProductID, ProductKey

ProductName = “Product Name: ” & objshell.RegRead(Path & “ProductName”)

ProductID = “Product ID: ” & objshell.RegRead(Path & “ProductID”)

ProductKey = “Installed Key: ” & ConvertToKey(DigitalID)

ProductData = ProductName & vbNewLine & ProductID & vbNewLine & ProductKey

‘Show messbox if save to a file

If vbYes = MsgBox(ProductData & vblf & vblf & “Save to a file?”, vbYesNo + vbQuestion, “BackUp Windows Key Information”) then

Save ProductData

End If

‘Convert binary to chars

Function ConvertToKey(Key)

Const KeyOffset = 52

Dim isWin8, Maps, i, j, Current, KeyOutput, Last, keypart1, insert

‘Check if OS is Windows 8

isWin8 = (Key(66) 6) And 1

Key(66) = (Key(66) And &HF7) Or ((isWin8 And 2) * 4)

i = 24

Maps = “BCDFGHJKMPQRTVWXY2346789”

Do

Current= 0

j = 14

Do

Current = Current* 256

Current = Key(j + KeyOffset) + Current

Key(j + KeyOffset) = (Current 24)

Current=Current Mod 24

j = j -1

Loop While j >= 0

i = i -1

KeyOutput = Mid(Maps,Current+ 1, 1) & KeyOutput

Last = Current

Loop While i >= 0

keypart1 = Mid(KeyOutput, 2, Last)

insert = “N”

KeyOutput = Replace(KeyOutput, keypart1, keypart1 & insert, 2, 1, 0)

If Last = 0 Then KeyOutput = insert & KeyOutput

ConvertToKey = Mid(KeyOutput, 1, 5) & “-” & Mid(KeyOutput, 6, 5) & “-” & Mid(KeyOutput, 11, 5) & “-” & Mid(KeyOutput, 16, 5) & “-” & Mid(KeyOutput, 21, 5)

End Function

‘Save data to a file

Function Save(Data)

Dim fso, fName, txt,objshell,UserName

Set objshell = CreateObject(“wscript.shell”)

‘Get current user name

UserName = objshell.ExpandEnvironmentStrings(“%UserName%”)

‘Create a text file on desktop

fName = “C:Users” & UserName & “DesktopWindowsKeyInfo.txt”

Set fso = CreateObject(“Scripting.FileSystemObject”)

Set txt = fso.CreateTextFile(fName)

txt.Writeline Data

txt.Close

End Function