Windows Update using PowerShell

Introduction

They say that dementia is being diagnosed in younger people. Trust me I can believe that statement, because I’ve spent the past couple of weeks banging my head against a brick wall just because people have been told by others to disable User Account Control (UAC) and modified their update settings.

The reality is that a few people who should know better, trust me they should know a lot better, has taken a telephone call from Microsoft engineers who have advised them that they have a serious security issue with their computer and need to run a program that will be sent to them via e-mail. But in order to run the program they need to disable User Account Control (UAC). Once they have given their e-mail address, they are told that the program has been sent to them. Whilst they are still talking to the Microsoft engineer, who has called them by the way, they mentioned that the e-mail had not arrived. They were advised to check their spam folder, and move the e-mail into their inbox and save the attachment before running the program.

Once they have run the program the caller says that the security issue has been resolved and after completing a quick telephone survey the caller has rung off, and they are left alone to happily use their compromised system.

One lady asked for help when she noticed that her computer would not connect to the internet, she thought “that the Microsoft engineer who called had possibly caused that issue, because she could surf the web before”

At least two of the computers I’ve worked upon, in the past couple of weeks, belong to system administrators, or senior IT managers who should know better.

Am I really surprised by this?

The easy answer is NO, because I know a very senior Infrastructural System Security Manager who once clicked upon a message that arrived through his corporate messenger system saying that the person – who he had never met or previously communicated with, had a picture of his Mother. Then wondered why his system became infected. Honestly I did not laugh loud enough; but I was also stunned both at the logic behind his stupidity and blind logic, that the message arrived through his corporate messenger and he knew that his computer system was so secure it could not be hacked.

I am stunned though by the number of people, who many would consider to be very educated and should know better, who will blindly accept the explanation that a Microsoft engineer will call them personally in order to resolve a very severe security issue.

I have to admit that the person who said they had lost money out of their bank account did report the situation to the police, and suffered the embarrassment of having to admit that they were stupid. Needless to say that I swapped out the hard drive and rebuilt the system. Whilst somewhat nasty, that person will – hopefully – never repeat that mistake again.

The result is that I’ve spent a while working on several other systems. A brief check-up found that the anti-virus software had been disabled, and a check-up concerning downloaded updates showed that the systems had not clip_image001been updated since patch-Tuesday in August.

If you happen to receive a telephone call from a Microsoft Professional who is offering to resolve a very serious security issue, please do what my other half does & tell them that you are running a Raspberry Pi, or PC-BSD.

PowerShell is a powerful tool

Clicking away at the command line gave a few answers, but PowerShell (PS) provided the answer to the problem.

I first used PS back in 2006, as it was introduced during the beta testing of Windows Vista. I hold my hands in the air and admit that I am the world’s worst scripter; & there are many who will testify to this statement. Whilst I am happy working with the command line, I felt uncomfortable using PS and shied away from using it.

What I failed to realise was that PowerShell offered a very powerful management interface to the user. It was only last year that I realised my mistake, and where I would stumble around PowerShell, using it as a convenient variant of the command line this time PowerShell provided the solution very quickly and I have started to appreciate that it was a powerful tool. Today I’m a lot more appreciative, and use it more often.

Windows Update using PowerShell

Okay, as I’ve already mentioned I am not a scripter so please forgive the long windedness of this post as I try and explain what I did. If you are still reading this I believe that you have a little knowledge concerning PowerShell – although that is not essential.

Rightio, it’s time to fill that flagon with a caffeine infused beverage …

Back in 2014 I was looking for another answer and stumbled across a post written by Michal Gaida who wrote a group of versatile scripts that have been bundled into the Windows Update Module for PowerShell that was posted upon the ‘Scripting Guys’ website (https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc).

Download PSWindowsUpdate.zip

Download the ‘PSWindowsUpdate.zip’, once the file has downloaded right-click the .zip file and select ‘Extract Here’

  • %USERPROFILE%\Downloads\PSWindowsUpdate

Once the file has been extracted you need to launch PowerShell with ‘Administrator’ privileges. Once PowerShell has launched you need to modify the execution policy

  • Set-ExecutionPolicy Unrestricted

Or

  • Set-ExecutionPolicy RemoteSigned

Click ‘Yes’ or ‘Yes to All’

Now that you have extracted the file, you need to copy the folder to the modules folder. Yes there are a few ways that this can be achieved, either using Windows Explorer, the command line or because we already have PowerShell open we will use PowerShell.

Type the command

  • Copy-Item –Path “C:\Users\yourprofile\Downloads\PSWindowsUpdate” –Destination “C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate” –Recurse –Force

This command is equivalent to either of the following commands entered at the command prompt (using Administrative privileges)

  • XCopy %UserProfile%\Downloads\PSWindowsUpdate\*.* %WinDir%\System32\WindowsPowerShell\v1.0\Modules\*.* /h/i/c/k/e/r/y

Or

  • RoboCopy %UserProfile%\Downloads\PSWindowsUpdate\ %WinDir%\System32\WindowsPowerShell\v1.0\Modules\ /CopyAll /E /R:0

Unblocking the extracted file

Unblock2Now that you have copied the folder, and its contents, to the Modules folder you need to Unblock the folder. Although you have modified the execution policy you are still likely to receive ‘security warnings’ when you attempt to execute the commands. This is because PowerShell uses Internet Explorer’s zone settings, and the file that you have downloaded, extracted and copied, is marked as being delivered from the Internet Zone.

Again there are a couple of ways of ‘Unblocking’ the folder, and its contents,

The way to achieve this through PowerShell is

  • Get-ChildItem C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate -recurse | unblock-file

Note

  • The command Get-ChildItem can be abbreviated to ‘GCI’ or ‘gci’
  • The ‘-Recurse’ switch unblocks parent and child folders. If this argument is omitted the child folders, and their contents, will be ignored and only those files held within the parent directory will be unblocked

If you are using the command line “Takeown /f:” C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate\*.*” /R

Note

/R is Recurse, and instructs the Takeown command to operate on files within the specified parent and child directories

You can also use Windows Explorer and navigate to the “C:\Windows\System32\WindowsPowerShell\v1.0\Modules” folder, right-click the “PSWindowsUpdate” folder selecting Properties, and then click ‘Unblock’ then OK.

Importing the module

Now that the files have been copied, and unblocked, you need to import the shared module in order to run the command. This is achieved by

  • Import-Module C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate

The command Import-Module can be abbreviated using ‘ipmo’ instead of Import-Module.

Running Windows Update using PowerShell

Now that you have imported PSWindowsUpdate you need to know which commands are available to you. In order to achieve this you need to use the command

  • Get-Command –Module PSWindows*

Or

  • GCM –Module PSWindows*

Firstly you need to know what updates are available, this can be achieved by running

  • Get-WUList –MicrosoftUpdate

clip_image004

Then to download and install the available updates you need to run one of the following commands

  • Get-WUInstall
  • Get-WUInstall –AcceptAll –Verbose Software
  • Get-WUInstall –AcceptAll –Verbose Driver
  • Get-WUInstall –AcceptAll –AutoReboot -Verbose

clip_image005

clip_image006

clip_image007

clip_image008

Windows Defender Update and Scan using PowerShell

Throughout this post I have written the text that you need to type in bold and Purple.

If you receive an error whilst running PowerShell explaining that you cannot execute the command due to restrictions, type “Set-ExecutionPolicy Unrestricted” and then press “Y” or “A” in answer to the question. This command removes qny restrictions that will have been set.

I received a frantic telephone call from a friend during the weekend. They were calling for help because their Windows Defender could not be updated using had been turned off, and when they managed to turn it back-on they could not update the signatures, nor could they scan their computer.

Alright, they are not the first person that this has happened to, and I doubt that they will be the last either.

A few years back I helped someone else who had a similar issue, and used PowerShell to resolve the issue.

Firstly you need to launch PowerShell

  • · Click on Search (Win 7), “Win+C” (Win 8x) or Cortana (Win 10) and type “PowerShell
  • · Now right-click Windows PowerShell and select “Run as Administrator”

cortana

Alternatively in Win 8x & Win 10 press the “Win Key + R” and type (with quotations) “%userprofile%\appdata\roaming\microsoft\windows\start menu\programs\windows powershell”. Then right-click Windows PowerShell and select “Run as Administrator”

Now that you have opened Windows PowerShell, the fun begins

Firstly, we need to know when your Windows Defender signature was last updated

Type “get-mpcomputerstatus | select *updated, *version” – This command will give you information concerning the last time your virus signature was updated. You can repeat this command, by pressing the up-arrow until it is shown, once the virus signature has been updated (below) to confirm that the signature has been updated.

get-mpcomputerstatus_updated_version

To update your virus signature type “Update-MpSignature

Signature_Update

Once your signature has been updated you are now able to initiate an anti-virus scan using Windows Defender through the PowerShell command-line.

The command “Start-MpScan” also allows you to state what type of scan you wish to initiate, as well as the scan path; which can be the system hard drive (C:\), a folder or even a remote UNC path

  • · FullScan
  • · QuickScan
  • · CustomScan

Type “Start-MpScan –ScanType FullScan” .. or “Start-MpScan –ScanType QuickScan

scan

That’s it folks, I can’t really make it any more complicated than that. It’s sweet and simple.

Just for information

A while back Microsoft launched “Windows Defender Offline”, which can be downloaded from Windows Defender Offline – Instructions & Download. This website also contains instructions upon how to use the package.

Paying for text editors .. What a RIP-Off … Why should I pay for something when I can get it for FREE – I’m NOT talking about the Operating System either

Works in Windows ALL versions

One of the things that really annoys me is the fact that people fail to conduct their consumer market research & decide to charge for the simple things in life, especially when the functionality they offer are provided for free.

Yes I know Microsoft have not updated the functionality in Notepad for a long time, but we need to remember that if they did then Microsoft would be dragged through the courts for dominating the market space. Internet Explorer & Google springs to mind …. along with the European Union !!

OKay, Notepad is the first text editor that many people will use, but we all know that it offers pretty basic functionality. If my memory serves me correctly – without the need to meander through that world wide library we call the internet – it first appeared in a suite of DOS utilities for Microsoft Mouse back in 1983/84. Then in 1985 Notepad was included within Windows 1.0.

Since then Notepad has become one of the stable utilities included within Windows.

Notepad is great for writing text documents, batch & .PS* files, editing .csv files along with many other simple things; But it is limited by the fact it can only open files of a maximum size – I believe it’s somewhere about 600Mb – which beats the 64Kb in Win 3.1

Whilst we all have preferences, I prefer PSPad (http://www.pspad.com/) – it’s something I stumbled across back in 2006’ish & have used it since.

PSPad

Functionality …

PSPad3

What it looks like

PSPad2

Coding offered …

The downside is that you need to download the dictionary, and place it within the folder structure. The advantage is that you can install multiple dictionaries

Another alternative, is Notepad++ (http://notepad-plus-plus.org/)

Code Offering … Notepad

Dictionary …

Notepad  2

There are a few more offerings, and the one that I have a serious issue with is UltraEdit (http://www.ultraedit.com/).

UltraEdit is offered as a trial for 30 days, after which it will COST you US$79.99.

This $79.99 will allow you to install UltraEdit on 3 machines, and free upgrades for a year after purchase. But UltraEdit does not provide anything more than either PSPad, or Notepad++.

So what is the benefit of paying for something that doesn’t offer a significant benefit …

Personally I’m sticking with PSPad, as my alternative text editor, and scripting tool. It’s not just because I’m comfortable with the package – having used it for so long – but because having tried other alternatives, I like the functionality offered by the application. It was written by someone who wanted his students to use a single interface allowing the definition of a standardised editor, rather than multiples.

Maybe someone will be able to show me a better editor, but until then PSPad is the one I’ll use.

PSPad compatibility .. Win XP, Win Vista, Win 7, Win 8\8.x & Win10

Installing fonts using PowerShell

Works in Win7, Win8.x & Win10

I have a folder containing 370+ fonts, in compressed files that I want to install.

The problem that I have is I dislike repeated mouse clicking during the extraction of the compressed file’s contents to another folder. Especially having to repeat this 370+ times.

The advantage is that I have WinRAR installed, so that I can manage compressed files, other than those covered by the inbuilt compression manager hosted by Windows Explorer & File Manager.

image

Launching the Command Prompt, in Administrator mode, fun the command

“C:\Program Files\WinRAR\winrar.exe” x C:\Users\test\Downloads\Font_Test\Zipped\*.zip C:\Users\test\Downloads\Font_Test\Font_Extract

This will unpack the files contained in “Font_Test\Zipped” to “Font_Test\Font_Extract”

Once the files have been extracted launch PowerShell, & run as administrator.

If you are running PowerShell on a personal system, and have not signed the script then you’ll need to set the execution policy “Set-ExecutionPolicy Unrestricted”

Then run the following command

$fonts = (New-Object -ComObject Shell.Application).Namespace(0x14)
dir C:\Users\test\Downloads\Font_Test\Font_Extract\*.ttf | %{ $fonts.CopyHere($_.fullname) }

image

This will install the fonts into the C:\Windows\Fonts folder, with the only interaction needed is you approval to approve the replacement of any duplicated named files

Creating a Start Menu for Win 8.x – It’s FREE

Works in Win8.x & Win10

This is something I should have posted a while back, but, when I rebuilt a Win 8.1 machine after introducing someone to Win 10 I received the usual complaint “where is my start menu” – right go & figure !

Creating the start menu is easier than you think. It’s not fantastic, & it has the appearance of Windows 2000, or the classic XP start menu. But it’s better than nothing, & it’s FREE, that is unless you really want to follow the other lemmings, (it’s addictive), out there & download third-party software to build a start menu.

clip_image002[4]

A trip down memory lane

Creating the start menu is something of a challenge.

Right click on the taskbar, and move the mouse to “toolbars”, then scroll across and left click on “new toolbar” (as shown below). This will open a windows explorer window.

clip_image004[4]

Using Windows Explorer navigate to .. c:\users\[user_name]\AppData\Roaming\Microsoft\Windows\Start Menu .. & left click on the “Programs” folder, then click on “Select Folder”

clip_image006[4]

This will give you the start menu. However, you now need to add those folders & programs you want to include within the menu

clip_image007[4]

Using Windows Explorer (Win_key + R) navigate back

“C:\Users\[user]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs”

clip_image009[4]

Launch another Windows Explorer window, by using Win_key + R, or hold shift whilst left clicking on the Windows Explorer icon in the taskbar. Once this window is open navigate to “C:\Program Files” and select the folder that holds the program .exe file you want to include in the start menu.

I want to include Microsoft Office.

In the “C:\Users\[user]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs”.

Right click in an empty space in the Win Explorer window and

clip_image011[4]

I’ve created a folder called “Microsoft Office 2013, now open the folder

clip_image013[4]

Select the file that you want to copy & right clicking on the file (keeping the right mouse button pressed) drag the file to the “C:\Users\[user]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013” folder.

clip_image015[4]

clip_image017[4]

Doing this you will be presented with a new sub menu, select “create shortcut” – remember it’s the shortcut to the program you need

Once the file has been copied you can rename the file by using “F2” or right click the file and select the “Rename” option.

clip_image018[4]

clip_image019[4]

Now repeat the process for creating folders, copying the shortcuts & renaming as you need.

Please remember, that although I have been copying from “C:\Programs” I have a 64bit (x64) version of Windows, which also includes “C:\Program Files (x86)” for those 32bit (x86) applications – especially if you are running programs like FireFox, Skype ect

clip_image021[4]

Lemmings realise they are paying for something they could get for free !!