Vol. 22, #25 - June 19, 2017 - Issue #1136

Windows 10 disantivirus

Free Tool: Permissions Analyzer for Active Directory 


SolarWinds® Permissions Analyzer for Active Directory™ gives you instant visibility into user and group permissions and a complete hierarchical view of the effective permissions and access rights for a specific NTFS file folder or share drive – all from a user friendly desktop dashboard.  Browse permissions by group or individual user, and analyze user permissions based on group membership combined with specific permissions.  Unravel a tangled mess of file permissions: network share, folder, Active Directory, inherent, explicit, calculated and more.

Download the Free Permissions Analyzer Tool Today. 

Editor's Corner

This week's newsletter is about how Microsoft seems to be blocking third-party antivirus programs from working properly in Creators Update, their latest release of Windows 10. We also have some terrific feedback from readers on last week's Ask Our Readers question, plus the usual tips, tools and other stuff you expect from your favorite IT pro newsletter.

Well at least we *hope* we're your favorite newsletter! And as a reward for reading our newsletter we offer you one of our favorite Dilbert comic strips:


Ask Our Readers - Creating a USB HDD rescue disk for Windows (reader suggestions)

Last week a reader named Wlad from Alabama, USA sent us the following question which we tossed out to our readers to try and answer:

Would it be possible to pose the following question to ask on our readers forum? I have spent the last month researching the issue and I'm more confused than ever. I want to create a "rescue disk" for several systems I use, starting with Windows 7 and ending with Windows 10. What I have in mind is a single USB HDD for each system. The drive would be formatted as a "bootable USB" first (whatever that means, I found a dozen different descriptions) and then further partitioned to include a secondary, non-bootable partition. On that second partition I want to create the computer's HDD clone, but not in the form of the USB HDD being a clone of the computer HDD, but the USB HDD containing a file (or a filesystem) that is an exact clone of the source HDD. Let us call it a "total HDD image". The goal is to have a single USB HDD that, in case of emergency (WannaCry?) I could connect to the computer in distress, boot from, and then restore the entire HDD from the total HDD image backup. The aim is to restore everything, bit for bit (boot bootstrap, system, Windows files, installed programs, user data, EVERYTHING).

Has anybody done this? Could it even be done or am I chasing an impossible dream? Microsoft is not helping with their constant "improvements" of backup and recovery mechanisms and associated mess of confusing terms that have changing meaning over time (like a system backup that may or may not include non-MS applications). Thanks.

We received a pile of responses on this one. Here's a selection of a few we felt might be helpful:

Werner from Wien, Austria -- I would highly recommend using Macrium Reflect. There is an unlimited free edition available for download which allows you to test this product or use it as long as you want if you are a home user:


Macrium creates a Windows PE rescue boot media (USB-Stick/USB-Harddisc/DVD/CD) and allows only by copying driver files to a specific folder of this boot media to support out of the box unknown drivers (e.g. for RAID controllers).

Frank -- I have done that with the free version of Macrium Reflect software. I made a bootable USB recovery drive. Then put Reflect (from the USB drive where I copied the version used) on the computer and restored my computer. I can use Reflect to clone OR make a backup image that can be saved to a directory. If you buy Reflect you can save daily incremental backups so the image is always up to date.

Michael -- In our experience, Acronis is the most flexible and facile for source types, and creates reliable clones with a number of different restore options, including the type of "pseudo bare metal", start from here type of restore. Totally worth the cost for a server level clone you can depend on. One tip: start with a dummy or server you can stand to lose. You do not want to have the first time you try a restore to be when you are biting your nails down to the elbows as to if it will work. Restore skills are every bit as important as backup skills and we practice them much less often.


Nash from Vancouver -- What Wlad is asking is possible in a few ways. However the simplest way, in my opinion, which I personally use is the Acronis (there are various flavors of the imaging/backup software). He can use the USB stick/drive to boot up the PC/server to Acronis restore software and on the same disk can have images of all his machines he wants to restore. I am not related in any way to the Acronis people, I just use (my paid version) Acronis software and it saved my back several times.

Martin from Hamburg, Germany -- I'm using Clonezilla for that purpose:


I've either burned it on a CD-R mini Disk (8 cm) or put it on a bootable USB Stick with the Universal USB Installer:


That way I can separate tool and data. And if you use a USB-to-SATA cable with a standard SATA disk without an enclosure the fastest way to get up and running is simply putting the backup disk into the PC.

Simon from Atlanta, Georgia, USA -- At one point, I used a USB stick with two partitions. The first partition (200MB) held a bootable CloneZilla, and the second partition held the previously saved image (from a CloneZilla save). The only downside was that we had to use a Linux system to move files on/off the second partition -- Windows will only read the first partition on a USB stick.

Ted from Illinois, USA -- What it sounds like you are looking for is a StorageCraft Recovery Environment USB stick. If you use StorageCraft's ShadowProtect backup software, you can download the build kit for the Recovery Environment.


Once completed, you have a bootable environment that you can use to restore the image backup of your device's disk. StorageCraft supports recovery to non-alike hardware (but don't try recovering an Intel based image to AMD based machine or vice versa). Additionally, ShadowProtect backups can be restored/booted (depending on the version) to a virtual machine environment. I have used this recovery method for years for both simple machine moves to disaster recovery with great success.

Ask Our Readers - Firefox defaults (new question)

Stan, a Technical Sales Specialist based in the mid-Atlantic region of the USA, sent us the following question:

Every time I click on a link in an email and the link is either a .net or .org, Win7 always goes to IE. How can I change that to go to Firefox? I looked in the default program process and these extensions are not in there. Any suggestions?

Do any readers out there use Firefox and know how to fix Stan's problem? Email us at [email protected]

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]

From the Mailbag

Last week a reader named Joanne who is an IT Director for a Canadian not-for-profit organization had a question which we thought some of our readers who manage datacenters might be able to answer:

In the clip you included from the UP2V article, it said: "Unfortunately, computers in these data centres are used to being up and running for lengthy periods of time. That means, when you restart them, components like memory chips and network cards fail." Is this a common thing? Why would restarting after being up for a long period of time suddenly cause them to fail? And does this mean that they should have scheduled reboots as part of their normal maintenance window? My company is too small to have a data centre but as we grow larger it sounds like something I need to keep in mind.

Nash from Vancouver, Canada responded to this as follows:

It is not a rule, but indeed it is common for long running equipment to fail after restart. The reason is that during the long use of electronics, the electric current and general heat on the devices will slowly dry out the electrolytes in electronic components (resistors, transistors etc.) but the equipment is in balance (stabilized current running through it) and it is operational. The moment the equipment is turned off, the balance is off and when the equipment is turned on, the strong current surges to energize the circuits, which is, in some cases enough to permanently damage the dried out electronic components. The solution to extend the life of any electronic is proper cooling. Also, servers/PCs: rebooting them, instead of powering them down and turning them on after.

Also last week when we mentioned a story about color printers "spying" on you we received the following clarification from a reader named Gary on why "fingerprinting" had originally been added to color printers:

I worked in the office equipment field since 1998 until retiring a couple years ago. Fingerprinting of color copies/prints was done at that time for the purpose of tracing counterfeits back to the machine that made it. It was done by printing a pattern of yellow dots in the background that gave the serial number of the machine and date/time stamp. Yellow was used because it is not easily detectable to the naked eye.

Interestingly, a security researcher for CryptoAUSTRALIA is trying to develop a way to protect whistleblowers against hidden printer dots in laser printers:


Back in Issue #1134 we asked readers what the worst thing was that ever happened to them when they relied on GPS to drive to some destination. A reader named Jon responded:

For about five years, Google Maps thought my disaster recovery datacenter in rural Pennsylvania was in the middle of a lake.

A few issues further back we asked readers if they had any notable last words of famous people that have inspired, amused, or infuriated them. This response by Frank from Maryland, USA came in late but we just had to include it:

I remember him, so he must be famous. :)


Further back in Issue #1130, "IT, coffee, and the gig economy," we talked about being an IT pro in a shifting world where the gig economy is on the rise. Paul, an ex-principal of a business systems consulting company, responded with:

Just a short note. I opted for the independence and flexibility (and uncertainty) of working as an independent in the Boston area for ten years. I had to give it up eventually in that I could not run fast enough to keep up with the technology. I didn't have time both to run an independent business and to stay educated. To me, that was the biggest disadvantage of moving from an industry where educational opportunities are offered, and sometimes mandated, by one's employer.

Paul has raised an important point here, namely, how can IT pros stay educated about the latest technologies while also doing their jobs? Any ideas from our readers? Email us at [email protected]

Also in Issue #1130 a reader named George commented that:

If you visit any country and try to speak their language, they will be flattered by your attempt. Not so France. Serving with the Air Force in Germany, I frequently drove into France and used my best French to order food and converse with the locals. Although I was fluent in six languages, my American accent gave me away, and the French either ignored me or responded grumpily in English. Never once did they continue the conversation in their own language. I guess they were telling me that my French (be it grammar or pronunciation) wasn't good enough for them.

George's comment interested Uwe, one of our European readers who lives in Berlin, Germany and who responded with:

I liked reading your latest wservernews.

About France and speaking French there: I'm from Germany and I did not learn French at school.

When I began to travel to France on holiday I took a half year evening course in French and when I was there I was so surprised that I was able to use every word I learned. People understood me and I sometimes understood them. Great. I never had any problems speaking my simple French in France, people always were very polite and tried to understand me.

My experience is: if you go to France, speak French. If you speak English or German, they won't understand or become impolite. The man of the world (is the translation OK?) speaks French and French men are all men of the world!

But be aware, everything said is NOT VALID in Paris, just in the countryside! Paris is a completely different thing, they don't like you speaking bad French!

I think it's much more complicated speaking bad German in Germany, people do not want to understand! If they find out you're English, they will immediately start speaking English with you if they know English.

Keep on writing!

Thanks for the encouragement! And now on to our main topic for this week's newsletter…

Windows 10 disantivirus

Was it intentional or did Microsoft just make a colossal goof? A colleague recently pointed me to the following thread in the Lenovo forum for Windows 10:

Re: Windows 10 Creator's Update - Not able to access LocalHost (Lenovo Community Forums)


The first entry quotes the following from an anonymous source at Intel:

"Microsoft changed the Defender engine to Microsoft Endpoint Security Manager, and has positioned it as the sole approved provider for Malware (anti-viral) defense. Our McAfee team is working on how to disable this product completely during third party install process but we are not seeing any way to completely disable it (Microsoft Endpoint / Defender) at this time."

Is it true? Has Microsoft changed something in Windows 10 with their Creators Update release that makes it impossible for third-party antivirus software to disable Windows Defender? I checked with a couple of other Microsoft MVPs and was informed that Trend Micro, ESET, and Kaspersky customers are also experiencing issues with Creators Update. I also checked various other online sources and found similar complaints like these ones dating back to the release of Creators Update in April:

Creators Update causes my McAfee Total protection to vanish up in thin air....desktop shortcut: nada didn't work, tile: gone, recycle bin & file explorer: not a trace (Microsoft Answers Community)


Windows Defender is trying to take over since Creators Update (Norton Community Forums)


Worry-Free Business Security (WFBS) 9.0 SP3 Critical Patch 4338 is released (Trend Micro Business Support)

"This critical patch prevents system instabilities from this issue by disabling Windows Defender when the Trend Micro Security Agent is loaded."


Windows Defender suggests that you disable ESET in Windows 10 (ESET Support)


My computer thinks Kaspersky Total Security is Disabled (Kaspersky Lab Forum)


All this reminded me of an article I had read back in January that had suggested that Creators Update might end up making third-party antivirus software "obsolete":


But given that Microsoft controls the operating system, the proper way to make third-party AV software obsolete would be to make the built-in AV components of Windows 10 so good that users will simply prefer to use them instead of purchasing third-party software. Changing the OS, however, so that third-party AV programs suddenly no longer work properly, and especially doing so without notifying AV vendors of the upcoming changes, is simply a good way for Microsoft to raise the ire of these AV vendors to such an extent that they file an antitrust complaint against Microsoft, which apparently Kaspersky Lab has now done:


How are readers who have a third-party client AV solution deployed and who have upgraded (or are considering upgrading) their client machines to Windows 10 Creators Update faring with all this? Email us your thoughts and stories: [email protected]

Send us your feedback

Got feedback about anything in this issue of WServerNews? Email us at [email protected]

Recommended for Learning

Azure Resource Manager step-by-step training

If you're looking for some good training on how to use Azure Resource Manager (ARM) you should stay tuned to the Hybrid Cloud Best Practices blog here:



Microsoft Virtual Academy

Cloud App Security: Understanding

Watch this course for a greater understanding of Microsoft Cloud App Security and its key functionality, benefits and advantages. Our expert instructors explore this comprehensive service and set of data protection features that also provide visibility into files and sharing status across cloud-based applications.


IT Pro Fitness Corner

Several of our readers have sent us their own fitness/weightloss tips and we've selected two of them for inclusion here in this week's newsletter. If you're an IT pro who is overweight or used to be so and you're making personal fitness a priority for your life, share your tips and stories with us by emailing us at [email protected]

Finding the right kind of exercise (by Quentin Gurney)

Quentin is an enterprise architect working for a Fortune 100 company.

Find some kind of exercise you can do socially with friends. If you want to go to the gym, get a buddy. If you want to go to a Zumba class, find someone to go with you. There is nothing like getting a group together to challenge each other. I guarantee you will work harder just because you are with someone. They will as well, so it is good for both of you.

WARNING: You will be tempted to go celebrate by eating. A bit self-defeating if you do it too often. If you are going to do that, try to limit your calorie intake prior to the celebration and try to be healthy there too. Or celebrate by getting a nicer pair of jogging shoes, or a new set of pants that fits your shrinking frame.

You can find Quentin here on LinkedIn:


The 80/20 rule for weightloss (by Steve Mazzella)

Steve is 56 years old and is a Technical Project Manager for IT at a university. He reports that he has now lost 100 pounds and has been successful at maintaining most of the loss! Here is one of the helpful weightloss/fitness tips he wanted to share with our readers:

Losing weight is 80% what goes in your mouth and 20% physical activity. Unless you change your diet permanently, you can't win this battle. Learn about eating healthier and then make the necessary changes over time. It's still ok to indulge yourself OCCASIONALLY especially as rewards. High stress days and the associated stress eating happen -- tomorrow's a new day. You can eat most of the things that you eat now, just in MUCH smaller quantities.

You can find Steve here on LinkedIn:


Disclaimer: I'm not a certified fitness professional or nutritionist so take any suggestions made here "as is" with a grain of salt and a heaping supply of your own judgment. Help other readers of this newsletter lose weight and get fit by sending your own weightloss and/or fitness tips to us at [email protected]


Factoid of the Week

Last week's factoid and question was this:

The phrase "too much queep" means too much paperwork in US Air Force lingo. Do any readers know or use any similar weird jargon that expresses frustration in the workplace?

We only received a few responses to this one and they were all a bit colorful:

We refer to boneheaded end-users as "having an I D 10 T Error" (pronounced "eye-dee-ten-tee," which is easily translated on paper). And when I was about to cross the point of no return into DEEP doo-doo, my boss will say "Are we gonna have a donkey barbecue?" (That would be an "ass chewin'.") --Don

In the deep south, we still use the phrase, "Well, bless your heart" which really means, "f* you". --Sonja from Tallahassee, Florida

Now let's move on to this week's factoid:

Fact: Millennials are driving a resurgence of age-old crafts, choosing to become bartenders, butchers and barbers in part as a reaction to the digital age

Source: http://www.wservernews.com/go/8yg4bhgq/

Question: If you could quit your IT job today, what retro-style job would you prefer as a new career?

Email your answer to us at: [email protected]

Until next week, 

Mitch Tulloch


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]

Get on-demand DR in the cloud with Veeam PN for Microsoft Azure. Discover how Veeam PN simplifies and automates the setup of a DR site in Azure using lightweight, software-defined networking.


DriverView utility displays the list of all device drivers currently loaded on your system:


Policy Analyzer is a Microsoft utility for analyzing and comparing sets of Group Policy Objects (GPOs):


Diskspd is a versatile storage testing tool that combines robust and granular IO workload definition with flexible runtime and output options:



This Week's Tips

GOT TIPS you'd like to share with other readers? Email us at [email protected]

Windows - Debugging svchost.exe

Justin from the APAC escalation team at Microsoft has a geeky tip on how you can figure out which services are hosted in a svchost.exe process in a kernel memory dump:


Skype for Business - Simplified port requirements

Thomas Binder has a post on the new Microsoft Tech Community site that explains which ports are needed for clients to be able to directly connect to Skype for Business Online:


Microsoft - Docs.com

Mitch Garvis shares how he solved a validation failure when building a two-node cluster of Windows Server 2016 Hyper-V hosts:

As you probably know, Microsoft will be retiring the Docs.com service on December 15, 2017 and advises users to move their existing Docs.com content to other file storage platforms as soon as possible. Justin Gao has a blog post on how you can do this:


Events Calendar

Microsoft Worldwide Partner Conference (WPC) on July 9-13, 2017 in Washington, D.C.


Microsoft Ignite on September 25-29, 2017 in Orlando, Florida


Add Your Event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]

New on TechGenix.com

Microsoft unveils ITSM integrations with OMS

Microsoft has integrated ITSM solutions within Microsoft Operations Management Suite, making managing a hybrid IT environment much more seamless.


Android clickjacking: University researchers uncover dangerous permissions flaw

Android clickjacking, where hackers use a permissions flaw to in effect take over the device, is a real threat, according to a new research report.


What cloud native means in the container era

Cloud native reflects the shift from a monolithic to a microservices architecture. Here are the tools and trends spurring this movement.


Microsoft Azure ND-series offers more GPUs, power

Microsoft has unveiled a new Azure ND-series with more GPUs and increased power, making it perfect for large-scale training jobs.


Server Management Tools for Windows Server: Available features




Tech Briefing - PowerShell

This week in our Tech Briefing section we're going to focus on Windows PowerShell:

PowerShell leveraging WEBDAV to get listing of files in a SharePoint 2013 Document Library (SharePoint Thinks, Links and Clinks)

How to use PowerShell to get a directory listing without leveraging any PSSnapins, Modules or custom code:


Tips & Tricks for Writing your Own PowerShell System Monitoring Tool (Microsoft MVP Award Program Blog)

This post was written by Office Servers and Services MVP Hilton Giesenow as part of the Technical Tuesday series


How to create new Virtual Desktop in Windows 10 using PowerShell (OneScript Team Blog)

This sample code demonstrates how to create a new Virtual Desktop in Windows 10 using PowerShell:


Profile Power: Tidy Up My Personal Certificate Store (PoSh Chap)

This script will create an object for the current user's personal certificate store, set a couple of opening flags, open the store, and obtain the certificates from the store:


Testing PowerShell with Pester (Microsoft MVP Award Program Blog)

This post was written by Cloud and Datacenter Management MVP Adam Bertram as part of the Technical Tuesday series:


Other Articles of Interest

Running Agile at scale: Three challenges

Across large enterprises, IT leaders are developing a new operating model to respond to digital demands. This model presumes that applications development will need to scale the use of Agile methods if teams are to support digital products and services at the cadence of continuous delivery. Access to learn the three challenges you may face in running Agile at scale.


PowerShell workflows can overcome limits of scripts

PowerShell scripts have their strengths -- and a few glaring weaknesses. Use PowerShell workflows to get around a few common technical restrictions.


Virtual private cloud offers an alternative to on premises computing

Many enterprises understand the benefits of public cloud, but would rather have them in a single-tenant environment. Here's how virtual private clouds help meet that need.


Manage OpenStack deployments with Red Hat's Platform Director

An OpenStack deployment doesn't always come easy for an IT team. Learn how Red Hat's Platform Director can help with OpenStack implementation and lifecycle management.



WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

How To Play Classical Music With A Ping Pong Ball

The amazing Mozart Group combine superb musical skills with creative humor, joy and fun. Hilarious and entertaining:


Dancing Animals - 'Hello Summer'

Animals dancing to the song 'Hello Summer' by Rameez:


People Are Awesome - Best Of June 2017

Awesome people doing amazing things - gymnastics, basketball, cycling, parkour, soccer, para-surfing, freerunning, frisbee, skateboarding, skydiving and more:


Super Dads Can Do Anything

Super Dads can do anything! An inspirational video for all dads out there:


WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.