Some Notes on the Machines

The journal can get huge over time, slowing machines down a lot. Here’s how to delete it and recreate it for C:, in CMD. The process can cause interference and conflict with Windows internals and applications, though I have not seen this happen so far. On a machine that has been in use a while, it can help a whole lot.

fsutil usn deletejournal /n C: & fsutil usn createjournal C:

Here are quick pastes for D: and E:.

fsutil usn deletejournal /n D: & fsutil usn createjournal D:

fsutil usn deletejournal /n E: & fsutil usn createjournal E:

In 2012R2/8.1 and before, we must be more specific in the creation:

fsutil usn deletejournal /n C: & fsutil usn createjournal m=1000 a=100 C:

fsutil usn deletejournal /n D: & fsutil usn createjournal m=1000 a=100 D:

fsutil usn deletejournal /n E: & fsutil usn createjournal m=1000 a=100 E:

And here’s Powershell, to do it all for every drive letter in the system:

########################################
# Delete and Recreate NTFS USN Journal #
########################################

# This script iterates through all lettered NTFS drives in Windows, 
# and deletes and recreates the USN Journal of each one.
# Considerable performance gain results if the image has been running
# for a year or more.

# There are slightly different commands between some OS versions.
$OSVer = [System.Environment]::OSVersion.Version
If ($OSVer.Major -gt 10)
{
	"OS > 10. Create uses short command."
	$ShortCommand = $True
} ElseIf ($OSVer.Major -eq 10) {
	If ($OSVer.Build -le 14393)	{
		("OS is 10 build " + $OSVer.Build + ". " + "Create uses long command.")
		$ShortCommand = $False
	}
	Else {
		"OS is 10, build > 14393. Create uses short command."
		$ShortCommand = $True
	}
} ElseIf ($OSVer.Major -lt 10) {
	"OS < 10. Create uses long command."
	$ShortCommand = $False
}	

Get-CimInstance -Query "Select * FROM Win32_LogicalDisk WHERE DriveType=3" | ForEach-Object {
	$DriveID = $_.DeviceID

	If ($DriveID -match "[A-Z]")
	{
		"Deleting USN Journal on " + $DriveID + " ..."
		fsutil usn deletejournal /n $DriveID

		"Recreating USN Journal on " + $DriveID + " ..."
		if ($ShortCommand) {
			fsutil usn createjournal $DriveID
		}
		else {
			fsutil usn createjournal m=1000 a=100 $DriveID
		}
	}
}
# End Script

Reference:

docs.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-usn

Here’s a summary:

sudo apt update
sudo apt install ssh
sudo systemctl start ssh
sudo systemctl enable ssh
sudo systemctl status ssh
sudo ufw allow ssh

To do this, stop the service, copy the command line into an administrative CMD, and add “-f” to the end. Then you can open the instance in SQL Studio using Windows authentication.

Often one will find a Microsoft SQL server with no working or available administrative login. To set one up:

1. Stop the database. You’ll need its name. Go to services.msc , find entry “SQL Server (XYZ)”; XYZ is the name.

2. Set up the database to run in single-user mode. Take the executable line in Services Manager for the SQL server, add “-m -f” to the end (no spaces, no quotes), and run it in a new administrative CMD. An example:
   "E:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sXYZ -m -f

3. From another administrative command prompt, run the command-line client:

SQLCMD -E -S 127.0.0.1\XYZ

This may take multiple attempts. The attempts may error saying “Reason: Server is in single user mode. Only one administrator can connect at this time.” You may need to stop and restart the server. Sometimes the server just takes a while to reach functionality. Eventually the client will connect will connect and give you the prompt:

1>

4. Enter the following, press Enter at every line, and choose something long and horrible for PasswordText:

CREATE LOGIN [sa2] WITH PASSWORD = 'PasswordText'
GO
GRANT CONTROL SERVER TO [sa2]
GO
EXIT

5. Reverse the change in SQL Server Configuration Manager.

6. Restart the SQL server.

This works:

np:\\.\pipe\MICROSOFT##WID\tsql\query

It’s built into the latest builds of Windows 10 and 11 and Server, and can be installed into many.

To see if you have it, try winget list from CMD or Powershell. If you don’t have it on a newer platform with the Microsoft store, or if it does not work properly, try this Powershell:

# Install VCLibs
Add-AppxPackage 'https://aka.ms/Microsoft.VCLibs.x64.14.00.Desktop.appx'

# Install Microsoft.UI.Xaml.2.7.3 from NuGet
Invoke-WebRequest -Uri https://www.nuget.org/api/v2/package/Microsoft.UI.Xaml/2.7.3 -OutFile .\microsoft.ui.xaml.2.7.3.zip
Expand-Archive .\microsoft.ui.xaml.2.7.3.zip
Add-AppxPackage .\microsoft.ui.xaml.2.7.3\tools\AppX\x64\Release\Microsoft.UI.Xaml.2.7.appx

# Install the latest release of Microsoft.DesktopInstaller from GitHub
Invoke-RestMethod 'https://api.github.com/repos/microsoft/winget-cli/releases/latest' | % assets | ? name -like "*.msixbundle" | % { ($InstallerFileName = $_.name) }
Invoke-RestMethod 'https://api.github.com/repos/microsoft/winget-cli/releases/latest' | % assets | ? name -like "*.msixbundle" | % { Invoke-WebRequest $_.browser_download_url -OutFile $_.name }dAdd-AppxPackage $InstallerFileNamed

# Fix permissions
TAKEOWN /F "C:\Program Files\WindowsApps" /R /A /D Y
ICACLS "C:\Program Files\WindowsApps" /grant Administrators:F /T

# end script

One good way to test it, is to install Microsoft .NET framework (SDK) 6, thus, from administrative Powershell:

winget install --id Microsoft.DotNet.Runtime.6 --silent --accept-source-agreements

I learned just now that if you add other seemingly valuable options to the one above, e.g., --scope machine, at least while running as SYSTEM, it will fail citing package not found. So you’ll want to test carefully.

Here’s one proven just now for 7zip (there’s a “search” option in winget to get the ID):

winget install --exact --id 7zip.7zip --accept-package-agreements --silent --scope machine

Here’s one for Google Chrome, needs a bit of extra:

winget.exe install --exact --id Google.Chrome --silent --accept-package-agreements --accept-source-agreements --scope machine

If you do want to use it from the SYSTEM account, in scripting, it gets interesting. You’ll want to first run this:

$ResolveWingetPath = Resolve-Path "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_*_x64__8wekyb3d8bbwe"
    if ($ResolveWingetPath){
           $WingetPath = $ResolveWingetPath[-1].Path
    }
$ENV:PATH += ";$WingetPath"

and then winget will run as expected.

Adding Winget on Windows 10/2019/2016 builds 1809 or lower is touch and go. This worked as a prerequisite on a recent Server 2019/1809, with the addition to the path above:

# Install VCLibs
Add-AppxPackage 'https://aka.ms/Microsoft.VCLibs.x64.14.00.Desktop.appx'

# Install Microsoft.UI.Xaml.2.7.3 from NuGet
Invoke-WebRequest -Uri https://www.nuget.org/api/v2/package/Microsoft.UI.Xaml/2.7.3 -OutFile .\microsoft.ui.xaml.2.7.3.zip
Expand-Archive .\microsoft.ui.xaml.2.7.3.zip
Add-AppxPackage .\microsoft.ui.xaml.2.7.3\tools\AppX\x64\Release\Microsoft.UI.Xaml.2.7.appx

# Fix permissions
TAKEOWN /F "C:\Program Files\WindowsApps" /R /A /D Y
ICACLS "C:\Program Files\WindowsApps" /grant Administrators:F /T

From the remarkable David Gottschamer:

www.colasoft.com/capsa-free/

The Powershell below, calls all of the tools listed for it here.

if (([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
    {
    "Running elevated; good."
    ""
    } else {
    "Not running as elevated.  Starting elevated shell."
    Start-Process powershell -WorkingDirectory $PWD.Path -Verb runAs -ArgumentList "-noprofile -noexit -file $PSCommandPath"
    return "Done. This one will now exit."
    ""
    }

Set-ExecutionPolicy Bypass -Scope Process -Force

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12;

Import-Module BitsTransfer

$ps_script_list = @(
    'mma-appx-etc.ps1',
    'TweakMemTCP.ps1',
    'RunDevNodeClean.ps1',
    'wt_removeGhosts.ps1',
    'TweakDrives.ps1',
	'TweakSMB.ps1',
    'OWTAS.ps1',
    'OVSS.ps1',
    'CATE.ps1',
	'TweakHardware.ps1'
    )

$wco = (New-Object System.Net.WebClient)

ForEach ($ps_script in $ps_script_list) {
	$download_url = "http://cbt-tech-lab.centuryks.com/windows-tools/tools/$ps_script"

	""
	"--- Downloading $ps_script... ---"
	Invoke-WebRequest -Uri $download_url -Outfile ".\$ps_script"

	$run_script = ".\$ps_script"

	& $run_script
	Remove-Item ".\$ps_script"
	}

$wco.Dispose()

#end of script

The Powershell below, updates/installs all Microsoft redistributable libraries. The general repository is here.

<#PSScriptInfo

.VERSION 4.2

.GUID 03c695c0-bf45-4257-8156-89310e951140

.AUTHOR Jonathan E. Brickman

.COMPANYNAME Ponderworthy Music

.COPYRIGHT (c) 2024 Jonathan E. Brickman

.TAGS

.LICENSEURI https://opensource.org/licenses/BSD-3-Clause

.PROJECTURI https://github.com/jebofponderworthy/windows-tools

.ICONURI

.EXTERNALMODULEDEPENDENCIES 

.REQUIREDSCRIPTS

.EXTERNALSCRIPTDEPENDENCIES

.RELEASENOTES
GetRedists
Retrieve, and install/update, all missing VC++ redistributable libraries
currently being supported by Microsoft, using the excellent
VcRedist module.

.PRIVATEDATA

#> 

<#

.DESCRIPTION 
GetRedists - Get all current Microsoft VC++ redistributables

#>

Param()


#######################################################################
# GetRedists                                                          #
# v5.0                                                                #
#######################################################################

#
# by Jonathan E. Brickman
#
# Retrieves and installs all of the Microsoft redistributable libraries
# currently being supported, using the excellent VcRedist package.
#
# Copyright 2024 Jonathan E. Brickman
# https://notes.ponderworthy.com/
# This script is licensed under the 3-Clause BSD License
# https://opensource.org/licenses/BSD-3-Clause
# and is reprised at the end of this file
#
# GetRedists is entirely dependent upon VcRedist:
# https://docs.stealthpuppy.com/vcredist/function-syntax/get-vclist
# for which profound gratitude is!!!
#
#

""
""
"****************"
"   GetRedists   "
"****************"
""
""

# Items needing work:
# - Command-line option for location of repo folder
# - Error handling; if errors occur at any stage, terminate and print.

# Self-elevate if not already elevated.
if (([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
    {
    "Running elevated; good."
    ""
    } else {
    "Not running as elevated.  Starting elevated shell."
    Start-Process powershell -WorkingDirectory $PWD.Path -Verb runAs -ArgumentList "-noprofile -noexit -file $PSCommandPath"
    return "Done. This one will now exit."
    ""
    }

# Sets TLS version.  Necessary for some situations.
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12

$reportStatus = ''
$currentOp = ''
function ShowProgress {
	param( [string]$reportStatus, [string]$currentOp )

	Write-Progress -Activity "Get Microsoft Redistributables" -Status $reportStatus -PercentComplete -1 -CurrentOperation $currentOp
	# Write-Progress is not compatible with some remote shell methods.

}

'Preparing Powershell environment...'

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force > $null

ShowProgress("Preparing Powershell environment...","Setting up to use Powershell Gallery...")

Install-PackageProvider -Name NuGet -Force -ErrorAction 'SilentlyContinue' > $null
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
If (Get-InstalledModule -Name PsWindowsUpdate -ErrorAction 'SilentlyContinue') {
	Update-Module -Name PSWindowsUpdate -Force
} Else {
	Install-Module -Name PSWindowsUpdate -Force
}
Import-Module PSWindowsUpdate

ShowProgress("Preparing Powershell environment...","Checking and preparing module VcRedist...")

# Install or update module VcRedist
If (Get-InstalledModule -Name VcRedist -ErrorAction 'SilentlyContinue') {
	Update-Module -Name VcRedist -Force
} Else {
	Install-Module -Name VcRedist -AllowClobber -Scope CurrentUser -Force
}

# Import VcRedist to this session
Import-Module -Name VcRedist

if ($False -eq (Test-Path C:\VcRedist -PathType Container)) {
	New-Item C:\VcRedist -ItemType Directory | Out-Null 
	}

''

'Getting list of currently installed redistributables...'

ShowProgress("Getting list of currently installed redistributables...","")
$InstalledRedists = Get-InstalledVcRedist

'Getting list of currently available and supported redistributables...'
''

ShowProgress("Getting list of currently available and supported redistributables...","")
$AvailableRedists = Get-VcList

ShowProgress("Checking and installing/upgrading as needed...","")

# Create blank array of redists to install
$RedistsToGet = @()

# Initialize...
$NothingMissing = $True

# Cycle through all available redists
# Using .ProductCode not .Version, .ProductCode will eliminate false downloads
ForEach ($OnlineRedist in $AvailableRedists) {

	'Checking: ' + $OnlineRedist.Name + '...'

	# Cycle through all redists currently installed,
	# checking to see if the available one being checked is there,
	# and if not, add it to the array of those to be installed.

	$IsInstalled = $False

	ForEach ($LocalRedist in $InstalledRedists) {
		If ($OnlineRedist.ProductCode -eq $LocalRedist.ProductCode) {
			'Already installed.'
			""
			$IsInstalled = $True
			break
			}
		}
	If ($IsInstalled -eq $False) {
		'Needed.'
		""
		$RedistsToGet += ,$OnlineRedist
		$NothingMissing = $False
		}
	}

If ($NothingMissing -eq $True)
	{
	"No VC++ redistributables missing."
	""
	Exit
	}

ShowProgress("Retrieving all needed redistributables to repo folder...","")
"Retrieving..."
""
$ListOfDownloads = Get-VcRedist -Verbose -VcList $RedistsToGet -Path C:\VcRedist

ShowProgress("Installing all needed redistributables from repo folder...","")
""
"Installing and reporting current list..."
""
Install-VcRedist -Verbose -VcList $RedistsToGet | ft

# The old brute force get-them-all code
#
# ShowProgress("Retrieving all redistributables to repo folder...","")
# Get-VcList | Get-VcRedist -Verbose -Path C:\VcRedist | Out-Null
# ShowProgress("Installing all redistributables from repo folder...","")
# Get-VcList | Install-VcRedist -Verbose -Path C:\VcRedist | Out-Null

ShowProgress("Removing repo folder...","")
Remove-Item C:\VcRedist -Recurse -Force | Out-Null
ShowProgress("Done!","")

# The 3-Clause BSD License

# SPDX short identifier: BSD-3-Clause

# Note: This license has also been called
# the AYA>A>??sA??.??oNew BSD LicenseAYA>A>??sA??,A? or AYA>A>??sA??.??oModified BSD LicenseAYA>A>??sA??,A?.
# See also the 2-clause BSD License.

# Copyright 2018 Jonathan E. Brickman

# Redistribution and use in source and binary
# forms, with or without modification, are
# permitted provided that the following conditions are met:

# 1. Redistributions of source code must retain the
# above copyright notice, this list of conditions and
# the following disclaimer.

# 2. Redistributions in binary form must reproduce the
# above copyright notice, this list of conditions and
# the following disclaimer in the documentation and/or
# other materials provided with the distribution.

# 3. Neither the name of the copyright holder nor the
# names of its contributors may be used to endorse or
# promote products derived from this software without
# specific prior written permission.

# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
# CONTRIBUTORS AYA>A>??sA??.??oAS ISAYA>A>??sA??,A? AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER
# OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

This venerable tool:

https://www.speedguide.net/downloads.php/

is still by far the best. It optimizes Windows settings for speed on the Internet. It can help at both home and enterprise, and quite a lot. Still being kept up to date for Windows 11.