Category: Windows OS-Level Issues

Use TAKEOWN and ICACLS with very long paths and filenames
article #1361, updated 17 days ago

If there are very long folder or file names, or the path is just too long somewhere down in the tree, this will fail:

ICACLS X:\folder /Q /C /T /reset

but this will succeed:

ICACLS "\\?\X:\folder" /Q /C /T /reset

Apparently the latter incorporates a different API somewhere in the chain.

For TAKEOWN, we just have to run it in Powershell, not CMD.

Powershell code to do it all at once, while CD’d to the level just above, using command-line parameter to specify folder name, is here:

param(
[string]$location
)

$iexcmd = 'TAKEOWN /F ' + '"E:\Shared Data\' + $location + '" /R /D Y'
Write-Progress -Activity "Reset Permissions" -CurrentOperation $iexcmd -PercentComplete -1
Write-Host $iexcmd
iex $iexcmd | Out-Null

$iexcmd = 'ICACLS ' + '"\\?\E:\Shared Data\' + $location + '" /Q /C /T /reset'
Write-Progress -Activity "Reset Permissions" -CurrentOperation $iexcmd -PercentComplete -1
Write-Host $iexcmd
iex $iexcmd | Out-Null

Categories:      

==============

"Show Desktop" shortcut in Windows 10
article #1359, updated 29 days ago

Create a shortcut to this:

explorer.exe shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

and name it “Show Desktop”. When double-clicked, it will minimize all applications and show the desktop. This was standard in 7 and before. You can pin this icon to the Taskbar, to the Start menu, et cetera.

Categories:      

==============

Windows 8 and 10 Application Icon (ex- Start Menu) Locations
article #608, updated 31 days ago

The icons which were used in the “Start Menu” in 7 and before, are still present in Windows 8 through 10, though they are hidden. At the machine level, they are here:

%SYSTEMDRIVE%\Users\All Users\Microsoft\Windows\Start Menu\Programs

At the user level, they are here:

%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

Categories:      

==============

The WINS resolution information was not updated. The record format is corrupt.
article #1227, updated 59 days ago

This error often occurs when a longstanding Windows Server network is given a much newer domain controller. The WINS records embedded in DNS, don’t work anymore; when you try to delete them or change them, you get the error message in the title of this article.

The best thing to do, is PowerShell:

Remove-DNSServerResourceRecord -ZoneName dns_zone.local -Force -RRtype "WINS" -Name "@"

Try that (substituting dns_zone.local for your LAN DNS zone!), then right-click on the zone name, choose “All Tasks” and then “Reload”, then press F5 for refresh. The error-causing situation will go away, you can then reconfigure easily. If there are other zones, you’ll want to repeat for all of them. If there is a WINS record in a reverse lookup zone, the RRtype is WINSR instead of WINS, the result being something akin to this:

Remove-DNSServerResourceRecord -ZoneName 1.168.192.in-addr.arpa -Force -RRtype "WINSR" -Name "@"

Sometimes the actions above only take effect, and show up in the servers, if you reload and refresh (often both) the zones.

Categories:      

==============

Disable Windows Defender
article #1351, updated 88 days ago

Currently, the only known way is this sort of effort:

Set-MpPreference -DisableIntrusionPreventionSystem $true `
-DisableBehaviorMonitoring $true `
-DisableRemovableDriveScanning $true `
-DisableScanningMappedNetworkDrivesForFullScan $true `
-DisableScanningNetworkFiles $true `
-DisableEmailScanning $true `
-DisableBlockAtFirstSeen $true `
-DisableIOAVProtection $true `
-DisableRealtimeMonitoring $true `
-DisableScriptScanning $true `
-EnableControlledFolderAccess Disabled `
-MAPSReporting Disabled `
-SubmitSamplesConsent NeverSend `
-PUAProtection Disabled

Categories:      

==============

Clear all Windows event logs in Powershell
article #1350, updated 88 days ago

Try this, in administrative Powershell:

wevtutil el | ForEach-Object { "$_"; wevtutil cl "$_" }

Categories:      

==============

Microsoft Printing Troubleshooter
article #1345, updated 126 days ago

Does not seem to have a web page of its own, it is linked from others:

http://aka.ms/diag_printer10

Categories:      

==============

Reset Windows Passwords
article #322, updated 127 days ago

There have been many live CDs out there which have utilities to reset passwords on Windows. Unfortunately, many of them are long out of date and won’t work (or will do odd things) on recent hardware, and recent operating systems. This one, “MediCat”:

https://gbatemp.net/threads/medicat-dvd-a-multiboot-linux-dvd.361577/

Is the best of breed known to me at this writing.

This one:

http://pogostick.net/~pnh/ntpasswd/

may well be the original, last update 2014; it does fail to boot on some newer hardware.

Categories:      

==============

HP Windows 10 Compatibility Matrix ("HP Products Tested with Windows 10")
article #1344, updated 127 days ago

Very informative:

https://support.hp.com/us-en/document/c05195282

and linked therein, a printer matrix:

https://support.hp.com/us-en/document/c04658195

Categories:      

==============

Mystery Services Reportedly Created by Windows Apps
article #1343, updated 129 days ago

It is far from clear what is going on, but here’s what I think I know:

  • Lots of services are being created in Windows 10, 2016, and 2019 fitting the descriptions below.
  • Many of these, but not all, have names with “_a1b2c” at their right-hand ends, where the characters and numbers are what look like non-random machine-readable strings, five characters long so far.
  • Many of these, but not all, have been svchost.exe items, not standalone services.
  • There are a variety of service names associated, including (on just this one machine) CaptureService_b8bc7, “Clipboard User Service_b8bc7”, “Connected Devices Platform Service”, “Connected Devices Platform Service_b8bc7”, “CredentialEnrollmentManagerUserSvc_b8bc7”, and many more. Of the list in this item, only the last is a standalone service, not a svchost item.
  • There are a variety of svchost item names associated, including BthAppGroup, LocalService, and UnistackSvcGroup. In particular, the UnistackSvcGroup items can be googled, but thus far, it appears not known for what they are used.

Some of these services cannot be deleted with the SC command; some can. If one changes permissions in registry items, they all probably could. But the question remains, what are they for, what are our valuable computing resources being taken for? Thus far, no one has reported anything not working when they are stopped and/or deleted. We may be looking at infrastructure Microsoft is laying in our own machines before our eyes, for new software they will send.

Categories: