Stupid Windows Tricks

home | blog | Terrible people and places | Covid-19 links | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts

Roll back Outlook update:

"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe" /update user updatetoversion=16.0.13901.20462”

Get list of KB's (updates) installed:
systeminfo > .\sysinfo.txt


wmic qfe list full /format:csv > .\patches.csv
(find what you are looing for with findstr and pipe:

type patches.csv | findstr 1392

And of course you would not be here if you simply wanted to find a bad update, you of course want to remove it:
wusa /uninstall /KB:4601318
(because the gui sucks and won't have it listed until after the ill fated reboot...)

Enable remote desktop on Server 2012?

fire up a cmd shell (good luck finding that)...
type in: systempropertiesremote

Snapshot backup locked files with diskshadow.exe (Win 7, 2008, (sorry 2003)):

O.K. 2003, seems you are in luck:
In case that goes away (msdn, never moves or deletes eh?):
set CALLBACK_SCRIPT=%~dpnx0 
set TEMP_GENERATED_SCRIPT=GeneratedVarsTempScript.cmd 
%~dp0\vshadow.exe -nw -p -script=%TEMP_GENERATED_SCRIPT% -exec=%CALLBACK_SCRIPT% %SOURCE_VOLUME% 
@goto :EOF 
%~dp0\vshadow.exe -el=%SHADOW_ID_1%,%DESTINATION_VOLUME% 
@echo ******************************************* 
@echo To delete the shadow copy, run the command: 
@echo VSHADOW.EXE -ds=%SHADOW_ID_1% 
@echo ******************************************* 
now the client example:
Y:\util>CreateShadow.cmd x: o:
To delete the shadow copy, run the command:
    VSHADOW.EXE -ds={c8b7c7cc-9903-4a78-b353-7b1b0d14c343}

Now the example of a mount point to a dir on the source
@set BACKUP_DATE=%date:~4%_%date:~0,3% 
@set BACKUP_TIME=%time:~0,8% 
md %1\%UNIQUE_DIR% 
call CreateShadow %1 %1\%UNIQUE_DIR%

Remember all that bit above is AdiOlteanJanuary 20, 2005 - Adi Oltean's Weblog -

Back to the show of my other collected bits

Run a script with it as it is by default interactive:

diskshadow /s script.txt

Where script.txt makes and removes the drive:

set context persistent
set metadata c:\
add volume c: alias cdrive
set verbose on
expose %cdrive% y:
exec backupscript.cmd
unexpose y:

(might want to run a script if doing daily that fixes everything in another run) - call it something like fixitall.txt
unexpose y:

(the reason for the extra diskshadow /s fixitall.txt script is diskshadow will exit with an error if the Y drive does not exist)

Don't forget to remove the shadow after you are done:

diskshadow /s removeold.txt


delete shadows all

DNS lookups timing out from your isp's dns when forwarding?
On 2008 R2, just change to our saviors dns "google":
dnscmd <dns-serverip> /ResetForwarders
Ha! Take that crappy ISP, this won't come back to bite anybody in the arse later!

Windows Update not working on your 2008 R2 server?
Try stopping the service and moving the possibly corrupt edb.log file out of the way, restart the service and re-try.
Had one that had a corrupt edb log and would not install the newer WU software before that was done.

Better Windows 7 control panel

Make a folder with this name:

Or, in Exploder (sorry, Explorer)

Enable multiple remote desktop logins in Win2k8

Administrative Tools -> Remote Desktop Services -> Remote Desktop Session Host Configuration
(under the General section, RC edit the "Restrict Each User to a Single Session")

Enable file and print exception for the Windows XP firewall (pants mode)

netsh firewall set service type = FILEANDPRINT mode = ENABLE scope = ALL

Enable error stats to network interfaces?


Sprinkle in this reg key (Win XP) and reboot.

Turn on Terminal Services?
regedit -> file -> connect network registry -> HKLM\System\CurrentControlSet\Control\Terminal Server
fDenyTSConnections (change from 1 to 0)

After hack the registry, why not try the next one?:

Reboot a remote machine?
shutdown -m \\machinename -r

Win32 utils link page

Where the shares at?


Robocopy good?

robocopy \svr1\src \svr2\dest /COPYALL /E

slap /fft /xo
on the end to make it 2 second aware (fat) and xo for skip older files and you have a nice tool there.
Put /ZB to change backup semantics to capture as if it was a backup user.
Put /R:5 and do multiple passes to get around users and active locks on files in the shares.

The network is not present or not started?

Start the service Workstation in the services. Nothing like a clear error message eh?

Dump active directory to a csv file - or ldif dump?

csvde -f test.csv 

you could also use ldifde as well if you need ldif dump format

ldifde -f export.ldf -s dcservername

Re-run the stupid xp activation tool (Beware! If doing a repair install and IE7 is foobar (i.e. not installed correctly, you will have issues doing a repair install and then registering!)

c:\windows\system32\oobe\msoobe.exe /a

Then wait for it to fail over the Internet registration and make a call to talk to the computer voice and find that the update servers are down again and the phone support will not be working again for another 4 hours.

If you get an error code 32777 and it seems visiting the

times out while fetching the cert, try this:

Start Internet Explorer.
Use the Tools menu to press Internet Options.
Select the Advanced tab.
Clear the following check boxes:
 Check for publisher’s certificate revocation
 Check for server certificate revocation (requires restart)
Press Apply and OK.
Close all instances of Internet Explorer.
Open Internet Explorer.
Active Windows.

Replace the activation key:
Thanks Shik -
That page is a mess, so here is the how-to:

Command Prompt
1. Click on start and type command (cmd) with run as administrator option or
open elevated command prompt
run cmd as administrator
Swap keys with:
 slmgr.vbs -ipk new-product-key

Force re-register with the new key:
 slmgr.vbs -ato

For a gui:
 slui.exe 3  <- type in key activation
 slui.exe 4  <- phone activation

disassemble windows (32 bit) dll

In case John's site does not exist, here is the one liner I stole from him :-)
objdump --disassemble /mnt/c/windows/system/driver.dll

Do split horizon dns (sorta) with Windows 2008 server DNS:

Ever want to add a host record for a domain without having to re-create all the records internally in an org?

Try this:

If that link should break, here is the low down.
1. Create a zone with the full host and domain i.e.
2. Add a nameless A record to the new zone with the ip of the host you want split dns on.
3. Enjoy.

Dump the dhcp database to a file Windows 2003 (possibly 2000 as well):

netsh dhcp server export .\dhcpdump.txt all
 - if you want to be able to read it....
netsh dhcp server dump > .\dhcpdump.txt

Windows 2000 does not have export, so use dump
netsh -c dhcp server scope dump > c:\test.txt

In either case, you will want to replace all of the "Dhcp Server x.x.x.x" with the new server IP address (go go gadget vim) before
an import on another server.

Pop on over to the other server and import with:
netsh exec test.txt
netsh dhcp server initiate auth
netsh dhcp server initiate reconcile

And of course shut down the old dhcp server so you don't confuse everyone.
Another thing.  If you get "The specified DHCP client is a reserved client." or other stupidity importing static leases, you
need to expand the scope temporarily to cover that reserved range, import, and then change the scope range back.

Also, if it seems like the dhcp server is not reliably handing out leases, try setting credentials for dns updates
Try this:

netsh dhcp server set dnscredentials username domain password
Migrate a Print spool and drivers
Install the role on the gaining server (no setup yet).
C:\Windows\System32\spool\tools>PrintBrm.exe -s \oldservernameorip -b -f oldserverconfig.out
C:\Windows\System32\spool\tools>printbrm -s \newserverorip -r -f oldserverconfig.out

There will be errors depending on drivers and if you need to enable sub roles for the spooler (think lpd stuff)...

Are you getting "There is not enough space on the disk" errors while applying security to a directory (folder) - damn I hate that term.

Check for a quota on the drive of the server you are using for a possible quota on that user / group

Not able to delete a partition (especially recovery partition?)

diskpart.exe -> (select disk and victim partition and)->

delete partition override