Check if a specific KB update is installed in Windows

With Windows XP/2003 and earlier you could often just look in C:\windows for installed patches there would be a KBxxxxxxx folder, however life moved on..

Today I had the need to see if a patch was installed and I found this quite useful;
http://serverfault.com/questions/263847/how-can-i-query-my-system-via-command-line-to-see-if-a-kb-patch-is-installed

I ended up using the command;

wmic qfe | find "KB2744129"

You ofcause exchange the KB number with the one you are looking for..

This worked like a charm for me 🙂  tnx Jscott.

SMTP from a commandline/script

I just had the need to send a mail via a script file, now in VB this could be easily done but from a .cmd file!?  Well I found something called “bmail” which worked for me, sadly it is missing a switch to include attachments but for now I can live with this.  It’s freeware by the way 🙂

Get it here;
http://www.beyondlogic.org/solutions/cmdlinemail/cmdlinemail.htm

Detect 32/64 bit in a batch file

I had the need to detect if a system was running 32 or 64 bit, I ended out with a solution much like the one shown below;

Just create two subdirectories called X86/X64 (X86 version in X86 and X64 in X64) and then create a install.cmd in each to install either the x86 or x64 version.

----<batchfile.cmd>---------------
@Echo off
if defined ProgramFiles(x86) goto INS64
goto INS32
:INS32
Echo 32 bit installing
call x86\install.cmd
goto END
:INS64
Echo 64 bit installing
call x64\install.cmd
goto END
:END

USB Safely remove + a whole lot more…

Ever had problems ejecting a USB device – getting an errror like “Unable to stop….”?

Well this page claim to have a utility that can assist you with this issue plus a whole lot more (like renaming USB devices, ejecting USB via command line and hot-key eject)… Sounds very promising..

http://safelyremove.com

I found this by visiting an old post here on my site, a post about a file unlocking utility.

Start / Stop services via WMI vbs

Here is how to start and stop a service via WMI calls from a .vbs;

'Start Service
strServiceName = "Alerter"
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colListOfServices = objWMIService.ExecQuery ("Select * from Win32_Service Where Name ='" & strServiceName & "'")
For Each objService in colListOfServices
    objService.StartService()
Next

'Stop Service
strServiceName = "Alerter"
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colListOfServices = objWMIService.ExecQuery("Select * from Win32_Service Where Name ='" & strServiceName & "'")
For Each objService in colListOfServices
    objService.StopService()
Next

WGET – download files/definitions via a script

We have a few servers that for some reason refuse to update their antimalware definitions automatically, the procedure is then to download the definition update manually and apply it, not rocket science but annoying as hell.

We use Microsoft Forefront Client Security and Microsoft is kind enough to offer a link where you can download a complete definition update file as an exe file, this will then update your antivirus – all you do is download and execute.

So I came up with the idea that if I could download this file via a script then I could apply it via a schedule during the night on the affected servers.  But how do you download a file via a schedule/script?  At first I leaned towards a VBS script, I even found a few but either they did no longer work (due to added security over the years to IE) or was painfully slow (the latter is not good when downloading a file of 45mb).  Further Googeling let me to WGET a simple commandline utility that can be scripted, and sure enough it worked like a charm 🙂

Should anyone have a similar problem then the batch/script file I made looks like this;
(Just modify the parts in red)

cls
Echo *************************************************************************
Echo  This script will download the latest forefront antimalware def
Echo  once a day for servers with update problems
Echo *************************************************************************
Echo  The file downloaded is;
Echo.
Echo  http://go.microsoft.com/fwlink/?LinkID=87342&clcid=0×409
Echo.
echo.
del D:\Appl\msdefinitions\Definitions\mpam-fe.exe
D:\Appl\msdefinitions\wget.exe -t9 -O D:\Appl\msdefinitions\Definitions\mpam-fe.exe http://go.microsoft.com/fwlink/?LinkID=87342&clcid=0×409

More on downloading MS-Forefront definition files look here;
http://www.kanmandet.dk/?p=84

AutoIT3 – Excellent scripting tool

autoit3If you once in a while work with installing software, then you HAVE to check this out.

http://www.autoitscript.com/autoit3/scite

It is a scripting language that will make it very easy to install and modify installed software installations, it uses a very intuitive VB variant that is very easy to understand and the help is just wonderful.  One of the VERY neat features is that once you have completed your install script you simply compile it and viola you have an .exe file, thus you can simply add an install.exe file to the package you wish to distribute and the enduser do not need to have any scripting engine etc. installed, it IS neat..

So you might think, “well if its a VB vaiant, why not just make the whole thing as a VB-Script” – well you could – but have you ever tried to access files/registry etc via a VB script, well sure it is possible but the code quickly become unnessesary complex, this scripting language is straight out of the bag – copyfile( from, to) as easy as that.

The scripting engine has support for;
System variabels (eg. @StartMenu = location of startmenu, @StartMenuCommonDir = location of All users start menu etc etc.)
File management (copy / delete / move files)
Directory management (copy / delete / move directories)
Registry access (read write)
Replay keystrokes

and a whole lot more..

This is from the introduction in the help file;
Easy to learn BASIC-like syntax
Simulate keystrokes and mouse movements
Manipulate windows and processes
Interact with all standard windows controls
Scripts can be compiled into standalone executables
Create Graphical User Interfaces (GUIs)
COM support
Regular expressions
Directly call external DLL and Windows API functions
Scriptable RunAs functions
Detailed helpfile and large community-based support forums
Compatible with Windows 95 / 98 / ME / NT4 / 2000 / XP / 2003 / Vista / 2008
Unicode and x64 support
Digitally signed for peace of mind
Works with Windows Vista’s User Account Control (UAC)

Inspiration;
If you are interested I have created an uninstall script for McAfee Virus Scan and ePO agent,

you can download it here for inspiration;
http://www.kanmandet.dk/downloads/McAfee_Uninstall.au3 
or the compiled EXE version here
http://www.kanmandet.dk/downloads/McAfee_Uninstall.exe

For more on uninstalling McAfee Virus Scan and ePO please see http://www.kanmandet.dk/?p=147

Account locked out – debugging

If you are a sysadmin you have likely experienced that some odd user keep getting his/her Windows Domain Account locked out, there can be numerous reasons for this but while debugging the exact reason the user keep getting locked out and keep calling you every hour or so to be unlocked.

Well I came up with a workaround, you download a simple freeware utility called unlock.exe, and then schedule a batch job to run every 15-30 min that simply unlocks the account.  Now this is not the solution, as you really need to find the cause, but as debugging things like these can take some time and perhaps you have other pressing matters as well – then this is a fair workaround.

The batch file would look something like this;
unlock.exe . username

The unlock command also allow for listing locked accounts, and now I am thinking, maybe I could even set up some surveillance with this, creating a list of locked accounts every morning…  but that’s another story 🙂

http://www.joeware.net/freetools/tools/unlock/index.htm

Windows Update – script it

So you need to fiddle a bit with Windows Update, the reasons can be many;

  1. you want to centrally initiate an update
  2. you are paranoid and want to script a daily/weekly or monthly Windows Update (in case the automatic detection fail).

Well, for help on how to launch it on different remote machines I suggest you visit Dave’s Blog;
http://skatterbrainz.blogspot.com/2009/01/script-code-batch-running-wuauclt.html

A Desktop shortcut;
You could also simply create a desktop shortcut linking to

wuauclt.exe /resetauthorization /detectnow

This would force a Windows Updates detection to run upon clicking the shortcut, somewhat easier than launching the website.

The script you would need locally could look something like this;

@Echo off
Echo Stopping Windows Update Service
net stop wuauserv
Echo Starting Windows Update Service
net start wuauserv
Echo Forcing Windows Update detection
%windir%system32wuauclt.exe /detectnow

I also stumbled across some neat commands to try in case you are debugging Windows Update (update not working);
http://www.techsupportforum.com/microsoft-support/windows-xp-support/279270-automatic-update-not-started-error-1058-a.html

net stop wuauserv 
del /f /s /q %windir%SoftwareDistribution*.*
net start wuauserv 
wuauclt.exe /detectnow
_____________________

net stop bits 
net stop wuauserv 
%windir%system32
egsvr32.exe /s %windir%system32atl.dll 
%windir%system32
egsvr32.exe /s %windir%system32jscript.dll 
%windir%system32
egsvr32.exe /s %windir%system32msxml3.dll 
%windir%system32
egsvr32.exe /s %windir%system32softpub.dll 
%windir%system32
egsvr32.exe /s %windir%system32wuapi.dll 
%windir%system32
egsvr32.exe /s %windir%system32wuaueng.dll 
%windir%system32
egsvr32.exe /s %windir%system32wuaueng1.dll 
%windir%system32
egsvr32.exe /s %windir%system32wucltui.dll 
%windir%system32
egsvr32.exe /s %windir%system32wups.dll 
%windir%system32
egsvr32.exe /s %windir%system32wuweb.dll 
net start bits 
net start wuauserv 
wuauclt /resetauthorization /detectnow
_____________________________

net stop bits 
net stop wuauserv 
regsvr32 /u wuaueng.dll /s
del /f /s /q %windir%SoftwareDistribution*.*
del /f /s /q %windir%windowsupdate.log
regsvr32 wuaueng.dll /s
net start bits
net start wuauserv
wuauclt.exe /resetauthorization /detectnow

PPS. Vista/Win2008 users beware.
Stopping services etc under windows vista/2008/7  require the scripts to be run as an administrator.

Delete files older than data using a batch file

Forfiles -p c:ackup -s -m *.* -d -5 -c “cmd /c del /q @path”

This will delete all files in my backup directory older than 5 days. To test it first, use this:

Forfiles -p c:ackup -s -m *.* -d -5 -c “Cmd /C Echo 0x22@Path@File0x22”

Workarounds for XP users might be;
http://windowsitpro.com/article/articleid/71600/jsi-tip-0274—delete-files-older-than-xx-days.html (but this require additional software to be ‘installed’).

Hmm the below seem to be some unix variant, but maybe something similar is possible in Windows.

http://lifehacker.com/software/command-line/cli-fun–delete-files-older-than-x-days-239124.php (seem cool)
find /path/to/files* -mtime +5 -exec rm {} ;
http://lifehacker.com/software/geek-to-live/geek-to-live-hard-drive-janitor-133190.php (the deluxe edition)