There are times on Windows PCs when a malware scan is a good idea, even if some kind of anti-malware program is resident. That’s probably why Microsoft updates its own malware scanning tool, known as the Malicious Software Removal Tool aka MRT.exe, on a monthly basis. It also runs that tool at the same frequency in the background (when the updates for Patch Tuesday get run). Although you can turn to excellent and free third-party tools such as Trend Micro’s HouseCall or MalwareBytes Anti-Malware (aka MBAM) instead, you can also run built-in malware scanning via MRT.exe any time you like (it resides in the %Windir%\System32 directory).
Type MRT.exe into the Win10 search box, and presto! you can run it directly and immediately.
Any Downsides to Built-In Malware Scanning via MRT.exe?
The foregoing section head poses a reasonable question regarding a tool updated once a month. Certainly, you should understand why Microsoft states that MRT is not, and can never be, a replacement or substitute for anti-malware software. It offer no real-time protection as such software invariably does, and its infrequent update cycle means it can’t keep up with the most current (or zero-day) threats. But if you should ever find yourself in urgent need of a quick malware scan — especially in a situation where you have no Internet acccess, or have deliberately disabled such access to prevent a presumed infection from propagating — MRT.exe should almost always be available for immediate and direct use on any modern Windows PC (versions 7, 8, 8.1 or 10, in other words).
Check-ups/Clean-ups for Malware Scanning via MRT.exe
Because the tool goes poking around amidst sensitive and critical system files — and may even attempt deletions and clean-up in the %windir% folder hierarchy — you must run the program from an administrative account (usually, an account that’s a member of a local or domain administrators’ group for the target PC). Otherwise, the tool won’t have sufficient permissions to do its job properly. It runs pretty much on its own and doesn’t require user input once launched. The tool does take some while to run (and explains why Windows Update often takes as long as half an hour to complete). Even on my way-fast production PC with its Samsung 950 NVMe SSD, the program took more than 10 minutes to run to completion.
In my never-ending quest for good Windows admin tools, I occasionally post mini-reviews and pointers here in this blog. My latest find is a narrowly focused cleanup tool called UnCleaner. It comes from utility maker Josh Cell Softwares (their name, not mine). They also offer tools to manage Windows startup, bootable USB media, and other file facilities. Based in Quebec, Canada, the company offers interesting Windows tools with a somewhat fractured command of English that adds to their charm. This provides another Admin toolbox item: Uncleaner to add to my open-ended collection.
The spare and Spartan interface shows how simple and focused Uncleaner really is.
What Does Admin Toolbox item: Uncleaner Actually Clean?
Simply put, Uncleaner finds and removes unneeded files on Windows PCs where it’s run. The items it identifies for clean-up are log files and items from the Temp directory inside individual user accounts. This is shown in the following partial list from my Surface Pro 3 running Windows 10 1511 Build 14352.1002 (Current Branch release, preview version):
Check through the files list of items to be cleaned, and you see a sharp focus on temp and log files.
I’ve tried the utility on numerous systems, and have never noticed — or seen reported — errors or problems related to removing supposedly unneeded files that turn out to be needed after all. That’s always a concern for file clean-up utilities in general, but apparently not a concern for Uncleaner.
If you’re single-minded in wishing to be rid of all the dross that Windows can deposit in its file systems, Uncleaner is a tool worth downloading and installing. If you give it a try, and decide you like it, you might also want to make a small donation to its makers. They’ve got a link for that purpose on their Website. I gave them $5 for this nice piece of work; you may wish to do likewise. Admin toolbox item: Uncleaner is now part of my Windows collection, and perhaps should be part of yours as well.
The proportion of Windows users running Windows 10 varies, according to the source for such data. But as a rising tide floats all boats, so recently do several metrics show the Windows 10 share of desktops going up, up, up. The current numbers from NetMarketShare.com put Windows 10 solidly in the number 2 slot at 17.43% behind Windows 7 at 48.57%. XP remains in third place at 10.09%, though adding both Windows 8 versions (8 and 8.1) edges ahead at 11.38% (at 8.77% for 8.1 and 2.62% for 8). That puts the range for Win10 desktopshare 17-23% in May 2016.
The US Government is another major source for this kind of information, through its analytics.usa.gov website. It reports only on visitors to its own websites for a more USA-centric view of the online world. Its numbers put Windows 10 at 23.5% of visitors running Windows versions, or at 19.6% of visitors not running either iOS or Android (a different way to get to a desktop focus). This means that Windows 10 is running on 12.1% of all devices accessing those websites, FWIW. The government numbers come in at the top of the Win10 desktopshare 17-23% range.
I’m surprised to see XP still so strongly represented in the NetMarketShare numbers at 10.09% when analytics.usa.gov reports only 1.4% of its visitors running the same OS. Possibly, this reflects a larger base of hangers-on outside the USA that shows up in NetMarketShare’s more global population. That’s ironic, because various agencies and arms of the US Government have some of the largest continuing support contracts for XP still running to this day, to the tune of millions of dollars per year.
The last figures for active devices running Windows 10 came from Microsoft on May 5 at 300 million. Given current run rates between 23 and 30 million new devices per month, that means the current total is probably in the neighborhood of 320-300 million as of the beginning of June. Take a look at how this graphs out in terms of getting to the 1 billion mark, extrapolating with growth rates in those two increments:
Looks like 2018 is a more likely year for Microsoft to hit the “one billion served” mark for Win10!
The way I read these chart lines, I see the 1 billion mark occurring sometime between April and December in 2018 if those monthly growth rates continue unabated. But who knows if the numbers will keep going so strong once the free upgrade deadline comes and goes at the end of July? If I were forced to bet on the trend, I’d be inclined to bet against that proposition. Microsoft’s goal is probably not a dream deferred at this point, but it could easily become a dream delayed.
Ever since Windows 10 arrived, Microsoft has been attempting what some might call Win10 upgrade tricks to get Windows 7 and 8.1 users to install that free upgrade. Over time, their approach has varied. Here’s a litany of the various Windows Update offers MS has tried to move users up the OS ladder.
Older Win10 Upgrade Tricks
The “Get Windows 10” offer (usually abbreviated as GWX, where the X is actually the Roman numeral 10) first appeared late last year. Two good fixes include the GXW Control Panel and Steve Gibson’s Never10. Install either of these programs and the offers will disappear forever (or until after July 29, if indeed the free upgrade expires on that date).
The automatically ticked selection for Windows 10 upgrade in the host OS’s optional update list. Those who find this item checked need to uncheck it to prevent an unwanted or unintended Windows 10 upgrade adventure.
The migration of the Upgrade to Windows 10 from Optional to Recommended in Windows Update. You can always click the navigation arrow at the upper left to return to the Windows Update home page, or again: close the WU window with the X at the upper right.
Here’s the latest of the Win10 Upgrade Tricks
And as of last week, the reworking of the GWX offer in a new format to persuade users to take the Win10 plunge. GWX Control Panel and Never10 (links provided earlier in this blog post) will also defeat this offer screen as well.
Source: Tom’s Hardware, 5/14/2016
The key to avoiding an automatic or unwanted upgrade is to remember that upgrades, like insults and alcohol only affect those who internalize them. If you refuse the upgrade it won’t be installed on your machine. That said, MS has made an important change to the Window’s behavior with this latest version. Before, you could always close the Windows Update window to bail out by clicking the X in the upper right corner (the navigation gives you no other option to escape its clutches, unless you click on the link labeled “here” which does give you the option to reset the time or to cancel the upgrade schedule completely). In this latest GWX offer, clicking the X is interpreted as granting consent to perform the upgrade, and that’s just what Windows Update will do. You MUST click the small blue-ish here to avoid this unwanted outcome!! And if the upgrade does show up on your machine uninvited by some unhappy chance, you can elect to roll back to the previous version of Windows instead of keeping the new OS install. Sigh.
[Note added 5/25/2016 3:40 PM] Check out this article from Winbeta.org entitled “Microsoft provides some hints on how to manage when and how you upgrade to Windows 10” by Vu Anh Nguyen. It shows all of the bail-out opportunities that MS provides to skip the upgrade at each step along that path. The main takeaway is that “You can avoid the upgrade if you want to.” The corollary is “Turn off auto-pilot and don’t simply close the offer window. Follow the prompts instead.” Sigh again.
IT administrators that don’t have the ball rolling on a Windows 10 upgrade for their companies might be haunted by Will Smith’s voice reading Raphael de la Ghetto’s poem in The Fresh Prince of Bel Air: “Tick tock clock, the clock is ticking for you.”
Why is the clock ticking? Well, believe it or not, Windows 10 celebrates its first birthday on July 29. While most birthday parties are celebrations with cake and presents, this anniversary is more like a deadline; it signals the end of the free upgrade period. Any company that hesitates much longer will be forced to purchase a Windows 10 license with its upgrade, which can be pricey. The Windows 10 Pro license, for example, costs $199. And because Windows 10 is the last new OS Microsoft plans to release, most organizations will make the move to it eventually so why not do it while it’s free?
Hesitation is particularly costly for Windows 7 customers because the OS is already in extended support, which means companies have to pay Microsoft for any traditional support needs on the OS. Extended support won’t last forever either. It is scheduled to end in January 2020.
So with the clock ticking on the free upgrade period, the IT procrastinators are probably wondering how they can get a free upgrade before it’s too late and how the upgrade process works in general. First of all, the free upgrade is only available on qualified version of Windows 7 and 8.1. The qualified versions include:
- Windows 8.1
- Windows 8.1 with Bing
- Windows 7 Starter
- Windows 7 Home Basic
- Windows 7 Home Premium
- Windows 7 Professional
- Windows 7 Ultimate
Once admins have determined if their users qualify for the free upgrade, they must take a few considerations very seriously. Their hardware must be compatible with the new operating system. To run the 32-bit version of Windows 10, for example, the minimum requirements include 1 GHZ or faster CPU, 1 GB of RAM, 16 GB free disk space and a display that supports 1024×600 resolution.
Application compatibility is also something to keep in mind. Yes, most Windows 7 and 8 apps do work on Windows 10, but they might need patches to function properly. Before making the move to Windows 10 admins should take stock of their app inventory and research any apps that might have issues. Admins should not overlook infrastructure apps either. Some older apps, such as aging antivirus software, might run into problems with the new OS.
Clearly the time is now to make the move to Windows 10. Take stock of hardware and apps and get a plan in place before it’s too late.
Last week, Microsoft released the so-called “Convenience Rollup” for Windows 7 Service Pack 1. It’s described in a 5/17/2016 Microsoft KB article entitled “Convenience rollup update for Windows 7 SP1 and Windows Server 2008 R2 SP1.” Hidden amidst the reason it was created and some gotchas inherent in its application is a killer reason to upgrade Windows 7 to 10 instead.
The Intro to KB3125574 explains the convenience rollup quite nicely.
According to the article’s Introduction:
“This rollup package includes almost all the updates that were released after the release of SP1 for Windows 7 and Windows Server 2008 R2, through April 2016. This convenience rollup is intended to make it easy to integrate fixes that were released after SP1 for Windows 7 and Windows Server 2008 R2. We recommend that you include this rollup package in the image creation process to make it easier to quickly set up a computer.”
Long WU Waits Explain Why It’s Smart to Upgrade Windows 7 to 10
Paul Thurrott took the bait on this suggestion, and decided to see how long it would take to clean install Windows 7 on a PC, using both Windows Update from the installation media (avoiding the convenience roll-up), and using that roll-up to try to expedite the process. His results range from scary to downright horrifying, as recounted in his 5/21/2016 story entitled “The Convenience Rollup Makes a Big Difference, But Windows 7 Updating is Still Broken.” His investigation highlights what’s I’m calling the killer reason to upgrade Windows 7 to 10: time!
When boiled down to time required to complete a clean install, those results boil down to 9.5 hours for a clean install without the convenience rollup, over three hours (he declines to provide an exact time figure) using the rollup. Each approach involves very slow download times from Windows Update, but with fewer updates required when using the rollup the amount of time spent waiting for downloads to complete declines substantially. His overall time estimates also include troubleshooting drivers, and downloading and installing Optional Updates as per usual Windows 7 Update practice. Reading his account carefully, however, it’s obvious that much of the time involved is spent waiting for Windows Update to complete!
I performed a clean install of the current Windows 10 Technical Preview last week on a test PC (Version 1511, Build 14342.1000, subsequently upgraded to 14342.1001). The whole effort, including both initial installation and subsequent upgrade, took 25 minutes. All the drivers came out correctly (first time ever for Windows 10 to supply the right driver for my Killer 2200 GbE NIC) so no further post-install cleanup was needed.
I think Thurrott is onto something important in his story, and it represents the “killer reason” to upgrade Windows 7 to 10: time. Who wants to spend half a day to a long day just to perform a clean OS install? or to build a curated image of the OS for multiple such installs? Too much time, too little reward methinks.
As fate would have it, I was on the phone yesterday when my production desktop starting dinging madly, ringing the USB device added (or removed) sound on and off repeatedly. “What in the world?” I thought to myself as I continued on with my call resolving to check things out ASAP once it ended. Sure enough, upon jumping into Event Viewer, I saw the following error events in my event log that flagged a Volsnap error (from the Volume Shadow Copy service, aka VSS):
The phrase “IO failure” tells me exactly what I needed to know.
The drive in question is attached via USB 2.0 to my production PC, and I use it primarily to store my weekly image and nightly incremental backups, so it is kind of important to my system’s overall health and well being. Some quick online research informed me that this means my drive is probably failing, because bad sectors (and attempts to write to them) are what usually triggers this error to be reported.
What This Volsnap Error Means Is…
Apparently, it’s time for me to replace my backup drive. Looking back at my records, I see I bought this drive in 2010, so it is out of warranty. It’s also given me almost 6 years of solid dependable service, so I’m OK with having to rotate it out. The only downside is that it’s home to 1.52 TB of data (it’s a backup drive, remember?) and that’s going to take hours to copy from the old drive to the new one. In the meantime, I’m going to retarget my backup utilities (I use Acronis for nightly incrementals and weekly full backups, and the built-in Windows Backup utility for weekly image snapshots) to a different drive until I can bring in and set up its replacement. Based on the recent Backblaze report, it looks like I should buy a 4TB HGST drive. Looks like I can pick up an HGST Ultrastar from Newegg for about $225. Sure I could spend $75 less and get the Deskstar of the same 4TB capacity, but given that I’m using this drive for backup, I want something that will hopefully last as long as the drive it’s replacing, if not longer.
Here’s an odd fact of Windows 10 life: MS has made much of Windows Hello for biometric identification including support for fingerprint readers at login. But if you try to set up Windows Hello on a properly equipped PC, you must first define a personal identification number (PIN) as an alternate login technique to supplement your password, before you can access the Windows Hello capabilities (including fingerprint set-up). That’s right: using a fingerprint reader requires PIN login in Windows 10! Otherwise, you may beat your head against the wall for some time before figuring out that something is missing from the PC local set-up. Here’s an illustrative screen cap from Settings –> Accounts –> Sign-in options from my Surface Pro 3 tablet, equipped with a Type Cover with Fingerprint Reader.
The proximity of PIN and Windows Hello is apparently no accident here!
No PIN, No Hello: Yes, Fingerprint reader requires PIN login!
In reading over a variety of forum posts at TenForums and social.microsoft.com recently, this point was forcefully brought home to me. I had dithered about with the new Type Cover when I purchased it late last year, but it didn’t dawn on me until seeing those posts that it is apparently impossible to take advantage of Windows Hello (whatever biometric device you might choose to use) without first creating a PIN as an alternate login method.
Fortunately, this is easy to do. Click your way through the Settings –> Accounts –> Sign-in sequence in Windows 10. If you haven’t defined a PIN on the current PC, you’ll see a portion of the UI that looks like this:
A PIN is a string of numbers (usually 4 in count).
Once a PIN has been defined, the fingerprint or other biometric devices will show up and you can start configuring and using them. Go ahead, knock yourself out!
Last week, Microsoft Support released an article to TechNet that details “Top Support Solutions for Windows 10.” While many of them apply to power users and IT professionals alike, there are several categories of information aimed directly at IT professionals facing or contemplating larger-scale Windows 10 roll-outs. These should be of great potential help to those looking to avoid the top Win10 deployment issues that MS Support has already encountered.
The banner from this 5/3/16 TechNet article says it all.
Here’s a snapshot of the relevant content with links to details about top Win10 deployment issues, straight from that source (numbered items are renumbered in sequence for readability):
- Solutions related to inability to activate Windows:
- Windows 10 Volume Activation Tips
- Error 0xC004F015 when you try to activate Windows 10 Enterprise on a Windows Server 2012 R2 KMS host
- How to Activate and resolve common Product key issues in Windows 10
- Windows 10 activation errors
- Solutions related to installing Windows updates or hotfixes:
- Windows 10, WindowsUpdate.log and how to view it with PowerShell or Tracefmt.exe
- How to read Windows Update logs in Windows 10
- Solutions related to common setup, installation, and deployment issues:
- Troubleshooting common Windows 10 upgrade errors and issues
- How to manage Windows 10 notification and upgrade options
- Sysprep fails after removing or updating Windows built-in Windows Store apps
- Deploy Windows 10 with the Microsoft Deployment Toolkit
- Upgrade to Windows 10 with the Microsoft Deployment Toolkit
- Getting Started with Windows 10 for IT Professionals
- Windows 10 Deployment Guide
- Solutions related to Windows Volume Activation:
- Windows 10 Volume Activation Tips
- Error 0xC004F015 when you try to activate Windows 10 Enterprise on a Windows Server 2012 R2 KMS host
List Items from Top Win10 Deployment Issues of Interest to IT Pros
In particular, the entries under items 3 and 4 are likely to be of great interest to those IT Pros inclined to work with the Microsoft Assessment and Deployment Toolkit (ADK) and/or who face potential issues related to volume licensing and activations via a Key Management Server (KMS) for Windows 10 Enterprise. These items also point to important documentation related to the ADK, and should help IT Pros get a running start into planning for, piloting, and eventually rolling Windows 10 out into production. Please take advantage of this opportunity to gain insight from the folks at Microsoft support about the top Win10 deployment issues they’ve already been asked to help out on by early adopters.
In Q4 2015 Terry Halvorsen, the Chief Information Officer for the US Department of Defense decreed that all branches of the military needed to migrate to Windows 10 by Q1 2017. As it often does, the US Marine Corps (USMC) volunteered to go first in this effort. In all the DoD has around three million desktops (including both physical and virtual machines) to update, so it made sense for the smallest of the four major military branches (Army, Navy, Air Force, and Marines) to go forth as a kind of initial pilot group anyway. Alas, along the way the USMC found that it encountered an unexpected Win10 update snag: the target hardware platforms lag far enough behind current technology that remote, unattended upgrades have proved more problematic than initially projected.
Older hardware makes no-touch Windows 10 upgrades less likely to succeed.
As reported in a May 12 story from FederalNewsRadio.com entitled “Outdated hardware snags Marines’ migration to Windows 10” the service found that only about 10 percent of its computers were amenable to remote, no-touch upgrades to Windows 10. They had been expecting that this approach would work with somewhere between 60 and 70 percent of the computers on the Marine Corps Enterprise Network (MCEN). Thus, this result comes as something of an unpleasant and potentially expensive surprise. In proffering an explanation for the Win10 update snag at a meeting of the Washington, DC chapter of the AFCEA, USMC CIO Brigadier Dennis Crall said:
Our challenges are with hardware, and hardware that is older than a couple years is having more difficulty accepting Windows 10 than hardware that is new. And when you look at what ‘new’ means within DoD, we purchase yesterday’s technology tomorrow. A lot of our brand-new systems are having difficulty with the upgrade as soon as they come out of the box, and we didn’t anticipate that.
What’s Causing the Win10 Update Snag?
I’ve got to give General Crall credit for the wonderful tagline bolded in the preceding quote (emphasis mine), but this upgrade effort faces serious problems for several reasons:
- Increasing the level of human interaction means more time, effort, and expense in achieving the overall upgrade. Add more expense for refreshing those machines that remain unable to be upgraded despite the added effort.
- The services now have to juggle the cost of the added expense for human effort against the costs of purchasing newer Win10-ready hardware. In cases where the cost of effort surpasses that for new gear, it makes more sense to “buy up,” but that was clearly not part of the original budgetary equation.
- Some upgrades will not be able to exploit all of Windows 10’s advanced security features (for example, only UEFI machines can use Secure Boot and only machines that support the latest virtualization features can use Credential Guard). This means not all upgraded machines — especially older ones — may not be able to comply fully with the DoD’s “secure host baseline.” This is a common set of security configurations across the many millions of PCs under its aegis. Making exceptions for security poses well-known problems, too.
Virtualization appears to offer a partial remedy to the Win10 update snag. Bill Marion, deputy CIO for the Air Force, questions the need for thick clients for all circumstances, and observes that “the cost of a traditional desktop and office software and the security that goes around that is pretty expensive.” The USAF is pondering more use of “mobile devices[s] with a containerized cloud application [that is] lightweight, better encrypted, [and] easier to defend” as a possible alternative, he says. Admittedly, virtualization is better suited for what he describes as a “garrison environment” but native hardware appears better suited for the “tactical environment” for field operations. This approach could provide some much-needed relief for the services upgrade effort, though, and let the military concentrate on hardware upgrades where they could do the most good and create the greatest impact for the expense involved.
In general the military seems convinced that Windows 10 is a much more secure OS than earlier Windows versions, and fairly eager to get to that platform so as to benefit from what Halvorsen calls “security baked in from the beginning.” He remains positive that 80-plus percent of the DoD’s laptops and desktops will meet the January 2017 upgrade deadline, because most of them reside in offices on military bases and are managed through the Navy-USMC Intranet or the Air Force AFNET. The remaining 20-odd percent is another story, and may have to stay where they are on waiver status for years because they are integrated into weapons systems that might be at sea, are outside the USA, or are engaged on active military service missions. Thus, for example, the Navy has shipboard platforms still based on Windows XP that probably won’t be upgraded for years to come. Let’s hope that such systems never get exposed to external penetration attempts! But that means the Win10 update snag appears poised to persist for some time for specific hard-to-upgrade systems.
[Note: thanks to Cluster Head at TenForums.com who brought this story to my attention: Danke Schoen, mein Freund!]