Windows Enterprise Desktop

October 22, 2010  4:59 PM

Happy First Birthday, Windows 7

Ed Tittel Ed Tittel Profile: Ed Tittel

Today it’s been exactly one year since Windows 7 was released to the general public — what Microsoft calls “General Availability” or GA. It’s been a busy hectic year for the latest Windows OS, and it looks like Microsoft is finally starting to back itself out of the hole that it dug for itself with Windows Vista and the terrible driver debacle that went along with it. For me, the past couple of years have been an incredibly busy period of learning and writing activity, as I’ve learned to understand and use Windows 7 more efficiently and effectively on my own systems and networks, and in documenting its use in those of others who work on a much grander scale.

For some interesting further ruminations on Windows 7’s birthday, see Preston Gralla’s terrific Seeing Through Windows column at ComputerWorld entitled “On Windows 7’s one-year anniversary, Windows XP still rules” where he points out that despite Windows 7 dramatic gains in market share, XP still enjoys a 4-to-1 advantage in terms of total deployments. He also observes that at Windows 7’s current growth rate, it won’t surpass XP in the field until Q3’2012 &mash; at which point it’s quite likely that Windows 8 will be on the scene. He further observes that Windows XP is a solid, stable OS that “…keeps chugging along” (in terms of the coming Halloween season, I like to think of it as “the OS that wouldn’t die!” ;-).

A more enthusiastic (and less historical) viewpoint is available in Brandon LeBlanc’s entry on the Windows Blog for today entitled “Celebrating Windows 7 at 1 year — More than 240 Million Licenses Sold.” Check this out for all kinds of breathless statistics that should leave you wondering how the world possibly managed to cope without Windows 7 before October 21, 2009. It also offers no fewer than seven lists of favorite Windows 7 highlights (better grab and drink a cup of coffee before you try to plow through this stuff, though some of it is worth looking at and remembering).

At any rate, it is another anniversary for the world to remember, and on the whole rather better than worse as anniversaries go. Happy Birthday Windows 7!

October 15, 2010  7:54 PM

Windows 7 Family Pack Sales Now Underway

Ed Tittel Ed Tittel Profile: Ed Tittel

Right now for $149.99 (or $145 at Amazon, if you’d care to bargain hunt) you can pick up a 3-license upgrade pack for Windows 7 Home User. This is truly one of those “act fast, supplies are limited” deals, too. Last year, MS offered the same deal and it lasted less than three weeks, which makes it tempting to speculate that they built a certain number of packages for this offering. When they ran out, the offering ended. I’d be very surprised if things didn’t turn out the same way this time around, too.

Not much different from the standard Win7 DVD retail package

While those supplies do last, you can pick them up at all the usual e-tailers or at the Microsoft Store. What’s fascinating to me is the Microsoft has to do special, limited-time promotions to push these multipacks out of the door. You’d think they’d want to make these available all the time, and get more copies of Windows out there in the world.

October 13, 2010  2:34 PM

Biggest Patch Tuesday Ever: October, 2010

Ed Tittel Ed Tittel Profile: Ed Tittel

Gadzooks! I almost fell out of my chair yesterday, when I checked Windows Update just after lunch, as is my usual wont on Patch Tuesdays. There were no less than seventeen (17!!) updates waiting for me to download onto my production machine, and as I worked my way through my notebook (I’m currently caring and feeding for 6 of them right at this moment, because my Dad and his D630 notebook are visiting right now, and I bought a D620 for him to take back to Virginia with him for my nephew, Collin) and four desktop PCs, the number of updates ranged from a high of 15 to a low of 12 for the rest of those other machines. Of course, one of those items is the standard Windows Malicious Software Removal Tool (October 2010/KB890830) so there is really one less actual security updates and patches involved in this latest batch.

For the complete details on this enormous batch of items, see the Microsoft Security Bulletin Summary for October 2010. For other interesting coverage, see Emil Protalinski’s October 2010 Patch Tuesday will come with the most bulletins ever at Ars Technica, and SoftPedia’s Patches Released for 49 Vulnerabilities in Windows, IE, Office, and .NET. Of the 16 actual security bulletins, 4 are rated Critical, 10 Important, and 2 Moderate. Looking over the mix of operating systems, platforms, frameworks, and applications involved, IT or security staff will want to look these over quickly, and get all of the Critical and at least some of the Important and perhaps even Moderate items into testing, and ultimately into deployment, with some dispatch. Windows 7 is now definitely into the mainstream with many more of the individual bulletins listing both 32- and 64-bit versions of Windows 7 among the affected platforms (only 4 of 13 show “not applicable” for those bulletins that target Windows OSes).

October 11, 2010  1:33 PM

Selling/surplusing PCs? Replace and crush the hard disks!

Ed Tittel Ed Tittel Profile: Ed Tittel

I’ve been working on revising a couple of books lately — namely, the CISSP Study Guide (going into a 5th edition) and Computer Forensics JumpStart (for a 2nd edition; both books for Sybex/Wiley) — and in that context found this Q&A extremely interesting. It’s entitled “What’s the best way to compleely remove everything from a computer, without re-installing?” and it addresses sanitization of a PC in advance of its sale to a third party.

In a nutshell, the solution posted to this query essentially involves multiple levels of hard disk clean-up, then free-space scrubbing (so-called/claimed “secure erasure”) to remove all traces of files removed during the clean-up effort (see the posting for the details, which may of interest to individuals seeking to squeak a few extra bucks out of personal equipment, perhaps to help fund the purchase of replacement gear). This is all well and good for machines that have never played host to anything sensitive, proprietary, or protected under various rules and regulations governing customer, client, or patient confidentiality.

This is not a viable solution for corporate gear. Under no circumstances should hard disks that have been used for business purposes ever be re-sold to a third party. Baldly put, these devices need to be securely destroyed to prevent their contents from getting into the wrong hands. After reading (and in some cases writing) about the kinds of tools and techniques available for data recovery and restoration, and understanding the liability and risk exposures that unauthorized access to such data can pose, the only truly safe way to dispose of hard disks used for business purposes is to subject them to some process that damages the platters on hard disks sufficiently that the pieces can’t be put back together again for aggressive scanning and recovery efforts.

That means crushing, shredding, or otherwise mangling the devices so that they simply can’t be accessed and read ever again. With storage as cheap as it is today, it even makes sense to remove and replace drives when equipment is slated for donation to schools or charities, as is sometimes the case with corporate equipment retirements. Anything less risks data discovery, and is simply not worth the potential exposure incurred thereby. Make this stipulation part of your security and lifecycle management policies, and you’ll never have cause to regret this decision.

October 8, 2010  6:35 PM

Great Audio from PC to Sound System via ZZcoustics

Ed Tittel Ed Tittel Profile: Ed Tittel

Back in 2005, I had the privelege and the pleasure to work with Mike Chin (the guru behind and Matt Wright (a PC video maven who writes for sites like and on a book entitled Build the Ultimate Home Theater PC. It let me ride a favorite hobby-horse of mine: namely, an intelligent and productive link-up between a PC and a home entertainment/home theater system. Because PCs can do storage, grab stuff off the Web, and organize music, video, and multimedia so nicely, the marriage between a properly equipped PC and a high-end receiver or pre-amp is appealing to me and all kinds of other audio- and videophiles.

Because of that book, and other writings I’ve done for Tom’s Guide and Tom’s Hardware on multimedia and media center PCs, I still occasionally hear from other movers and shakers in that space. About three months ago, a gentleman by the name of Mike Wigle contacted me about his product, ZZcoustics, probably because I’ve been active in the HTPC world for some time and still write about it from time to time. The product is a small box (dimensions of 4x2x1in/10.2×5.2×2.5cm) with a male mini-jack on one side and a pair of RCA jacks on the other side (white and red for left and right stereo channels, respectively).

Plug the headphone jack into the PC, and the RCA jacks into a stereo input on your receiver/pre-amp

Plug the headphone jack into the PC, and the RCA jacks into a stereo input on your receiver/pre-amp

Unless you’ve gone to the trouble of installing a high-end audio card into your PC (such as the Asus Xonar HDAV 1.3 Deluxe or the HT Omega CLARO Plus) you will probably encounter line output issues should you try to connect the outputs from a headphone jack or audio connectors from your PC’s motherboard). Simply put, the ZZcoustics does a bang-up job of amplifying the output voltage from its input (the headphone jack side) and delivering standard line-in voltage and impedance from its RCA outputs to your home entertainment sound system.

What does this mean? The oscilloscope audio/video demo on the ZZcoustics site does a pretty good job of showing you: weak, puny audio from the headphone jack on a notebook or desktop PC, blazing hot, clear sound from the output of the ZZcoustics box. At $40 a pop, these units are a great investment for anybody seeking great (stereo) audio from their notebook or desktop PC, or from a compact audio device (like an iPod or MP3 player), into a home entertainment system of some kind.

October 7, 2010  3:30 PM

Post Windows 7 Upgrade Clean-up

Ed Tittel Ed Tittel Profile: Ed Tittel

As I was looking over the boot/system disk for my Dell D620 laptop this morning, I discovered a directory named $Windows.~Q that contained nearly 3 GB of data. Recognizing the leading $ (dollar) sign as a technique that Windows uses to hide shares and directories from casual display and access, I looked the directory up online to discover that it is created during the upgrade process from Vista to Windows 7 (you can’t upgrade from XP or earlier systems to Windows 7; for those older Windows versions a clean install is required). Looking around further, I discovered another hidden folder named $INPLACE.~TR as well.

A little quick research online (see this interesting article at the HowToGeek’s site, for example) informed me that not only it it safe to delete these folders and their contents, but that the effort would free up at least 1 GB of disk space, and often more than that (2.90 GB for the $Windows.~Q folder and 667 MB for the $INPLACE.~TR folder, for a total of 3.55 GB).  In fact, I learned that the Disk Cleanup utility will display checkboxes for these items after you click the “Clean up system files” button following an initial cleanup scan on a system that has been upgraded from Vista to Windows 7, as the following screenshot illustrates:

each mentions Windows Upgrade

Notice the two checked boxes: each mentions Windows Upgrade

I realize the number of machines that will be subject to in-place upgrades from Vista to Windows 7 will be small at any given company or organization, but if you do find yourself in the boat of using Windows upgrade to build a new image, or perform the upgrade on one or more PCs, don’t forget to take this additional cleanup step after the upgrade is complete. In fact, a quick post-install batch file will take care of these two directories quickly, even if Microsoft didn’t see fit to remove them on your behalf automatically.

October 4, 2010  10:15 AM

Another Cool Boot-time trimming technique

Ed Tittel Ed Tittel Profile: Ed Tittel

I’ve been a big fan of the SysInternals stuff since the mid-90s, so it was with some interest that I noticed a recent update to their “ultimate Windows start-up management tool” Autoruns.exe on September 29, 2010 (it took me a while to get around to checking out the new release, so that’s why I’m writing about it today, and will probably write about it further fairly soon). Here’s a basic screen cap of what the program looks like:

Autoruns looks at every facet of Windows boot and start-up

Autoruns looks at every facet of Windows boot and start-up

I’ve been writing regularly about a Windows boot-up optimization tool lately called Soluto (9/13/2010, 9/16/2010, and again on 9/27/2010) and have thus stayed interested in topics related to speeding Windows boot-up and start-up lately. When I noticed the latest Autoruns.exe had a tab devoted to Drivers I decided to drop in and take a look at what Windows was loading on my production machine, and found a bunch of items getting loaded that I knew my current runtime environment wasn’t using and would probably never need — most notably, a whole slew of RAID, Serial-Attached SCSCI (SAS), SCSI, and Fibre Channel (!) device drivers, but also various AMD drivers for this all-Intel machine, along with some PS/2 stuff as well.

Lots of interesting and unexpected items show up in Autoruns Drivers tab

Lots of interesting and unexpected items show up in Autoruns Drivers tab

If you’re inclined to avoid loading drivers you’re not going to use, I do recommend that you first make an image backup of your system before turning things off willy-nilly. That way if you turn something off that hoses your machine, you’ll be able to get back to operation if all other fast-fix strategies fail (like returning to the LKGC or booting in Safe Mode to rerun Autoruns and turn things back on). That said, I turned off all the device drivers I knew weren’t in use on my machine and realized a pretty substantial decrease in boot time: from 1:16 to 0:41 (info courtesy of Soluto) for a savings of 0:35 (46%!!). I’m going to back and turn some other things off that I missed on the fist round and see what happens next, but this looks like another great way to boost Windows start-up times substantially. [Note added 15 minutes after original posting: turning off all Adaptec and other SCSI related storage drivers and a few other odds’n’ends dropped my start-up time to 0:38, exactly half of the original 1:16. Way to do, Autoruns!!]

Soluto, are you guys looking into testing for presence of devices for which drivers are loaded as part of your optimization analysis? If not, let me be the first to recommend adding this to your bag of tricks (which would be easy to implement simply by comparing the results of device enumeration in Windows to the drivers and driver classes actually loaded during startup, and recommending turn-off for those not actually in use). I’m even going to copy the Soluto team on this blog so they can let me know what they are doing in this regard.

Count on me to report further on the latest version of Autoruns, as I spend more time with the program and learn further tips and tricks.

[Note added 10/11/2010: After I shared this blog with the folks at Soluto, they responded by saying they, too, were keenly aware of AutoRuns and while they do have future plans to offer options to remove unused and unneeded drivers from the boot-up sequence, they’re not ready to talk about them just yet. I guess we’ll just have to stay tuned…]

September 29, 2010  1:04 PM

Out-of-band Security Update for Windows hits

Ed Tittel Ed Tittel Profile: Ed Tittel

I’m always curious when Windows Update drops something into my hopper outside the normal second-Tuesday-of-the-month timing for regular updates. Yesterday was no exception, when five updates appeared right after lunch. It turns out that only one of them merited a security bulletin (MS10-070), so I have to guess the others were dropped in because they were already ready to go and with MS pushing something critical out the door, these items simply came along for the ride.

Yes, it's an out-of-band security bulletin for 9/28/2010

Yes, there is an out-of-band security bulletin for 9/28/2010

The critical item addressed in MS10-070 addresses a vulnerability in two different versions of the .NET Framework — specifically, versions 3.5 SP1 (also denoted as 3.5.1 in MS publications) and 4 — that could, in the words of the bulletin text itself “…allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain access to information.” It is a publicly disclosed vulnerability in ASP.NET that could let attackers read data (MS mentions the view state specifically, even though it has been encrypted by the server). The vulnerability could also allow data tampering to decrypt and alter data encrypted by the server. Versions of the .NET Framework that precede version 3.5 Service Pack 1 are not affected by the file content disclosure portion of the vulnerability, but users all the way back to version 1.0 Service Pack 3 should still apply this update, which rates an “Important” severity rating across the board.

Here are the other items that coat-tailed their way into this out-of-band update:

  • September 2010 cumulative time zone update for Windows operating systems: Changes to daylight savings start/stop dates for Middle East Standard Time, Namibia Standard Time, and US Eastern Standard Time in Indiana
  • Update for Microsoft Silverlight (KB2416427): This update fixes an incompatibility issue between Microsoft Silverlight 4 GDR 1 (4.0.50826.0) and earlier versions of the Bing Toolbar. The current release of Bing Toolbar (version 6) is not affected. Other update description info (from the MS Update details): “This update to Silverlight improves security, reliability, accessibility support, startup performance, enhances line-of-business support and includes several fixes to support rich internet applications.”
  • Update for Windows 7 (KB979538): “Stop 0x0000007E” or “Stop 0x00000050” Stop error message in Windows 7 or Windows Server 2008 R2. Install this update to prevent unexpected shutdowns or bluescreens when you are using a USB video device. After you install this item, you may have to restart your computer (caused restart on all 7 of my Windows machines, none of which uses a USB video adapter).
  • Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2362765): This continuing series of updates makes “…Web sites designed for older browsers look better in Internet Explorer 8.” Usually requires a restart of IE 8 after it’s installed (moot if the machine restarts anyway).

It’s always noteworthy when an out-of-band item appears between Patch Tuesdays. For those using .NET 3.5.1 or 4, this one’s important, but the rest of these items seem pretty humdrum to me.

September 27, 2010  3:55 PM

Soluto Getting Waaaay Closer to Production Quality

Ed Tittel Ed Tittel Profile: Ed Tittel

In the past two weeks I’ve written twice about Soluto, a Windows boot optimization program that observes the Windows boot process and makes recommendations about programs that run at boot time intended to speed up that process:

Now that two weeks have elapsed since my initial encounter with Soluto, I really have to take my hat off to these guys (and thereby expose my gleaming “chrome dome”). If you look at the 9/16 blog above you’ll in the Table therein that my production machine, my wife’s PC, my new HP notebook, and my primary test machine all failed to get Soluto to install or run correctly. Today, I’m both stunned and pleased to report that the software is now working on all seven of the PCs I included in the 9/16 blog. Here’s an updated version of the table that appeared in that blog (linked in the preceding paragraph, if you want to see the original):

Name OS Result Savings Notes/Description
Eee PC Win7 Pro x86 Success 00:01 Asus Eee PC 1000HE Netbook: minimal setup means minimal savings (original time: 01:51)
Ed-Win7-PC Win7 Ultimate x86 Success 00:06 It already booted pretty fast (00:58) but Soluto still manged to help me shave off 6 seconds
A900Test Win7 Pro x64 Success 00:10 DIY computer with P53 Pro mobo, Intel Q9450 CPU, 8 GB RAM, down from 79 to 69 programs at boot-up
Dragon Win7 Pro x64 Success 00:11 HP HDX9200 notebook with T9500 CPU, 8 GB RAM (original time 02:28)
D620Laptop Win7 Pro x86 Success 00:26 Dell Latitude D620 with T7200 CPU, 4 GB RAM (original time: 1:35)
Dina-PC Win7 Pro x86 Success 00:09 DIY mini-ITX with MSI mobo, T2300 CPU, 4 GB RAM; slow machine means not much savings overall (5.6%)
HPi7Laptop Win7 Pro x64 Suceess 00:14 HP dv6 notebook PC with i7 720M CPU, 6 GB RAM, down from 91 to 81 programs at boot-up

Not all of the PCs in my equipment pool benefited hugely from the Soluto software, but I’m hopeful that as the company gets further along with its application database (known as the “PC Genome”) recommendations on as-yet-undocumented items will help me understand better what might also be delayed (until boot-up completes) or paused (not run at all) to shave boot times even further.

But that’s not why I’m blown away by the improvements in Soluto’s behavior on my various PCs. I received four personal emails from various Soluto staff members informing me as each of the bug/problem reports I had filed with them were addressed, and in each case when they said “the software should be working now for machine X” in fact it was working for machine X the next time I tried it. They even offered to do a remote control session on my BSOD machines to help me address any issues that might have popped up. I’m sorry I didn’t have time to take up those offers, but I’m totally jazzed that they jumped on the problems I reported and have apparently fixed all of them. You don’t see customer service like this very often these days, and as a beta user I’m not sure I’m a “real customer” anyway.

I think it’s OK to start checking out Soluto in your test labs, and I withdraw most of the caveats I’ve stated about the software in earlier blog posts. I must still add this admonition because it’s completely common-sensical: “Remember, this is beta software. Use it at your own risk, and only on non-production/test PCs” (if, like me, you do use it on a production machine, be sure to make an image back-up prior to its installation, and to make regular backups daily thereafter, so you can restore your machine to an operational, pre-Soluto state, with all post-Soluto data files at your disposal).

Great job, Soluto!

September 22, 2010  2:07 PM

Prowess SmartMigrate: Free XP to Win7 VM Migration

Ed Tittel Ed Tittel Profile: Ed Tittel

Last week, I spent a fascinating hour on the phone with some engineers from Prowess, a Seattle-based software and services firm that offers a free software product called SmartMigrate (at least, it’s “free for individual, at-home use” according to the language on the product page at the Prowess Web site). Basically, what SmartMigrate does is to virtualize a system that’s already installed on a PC — and my title for this blog assumes that such a system is very likely to be running Windows XP, even though the Prowess engineers tell me it will work for just about any modern Windows OS, including Vista and even Windows 7, as the source for creating a VM to run inside Windows 7 (or some other operating system).

SmartMigrate seeks to turn running XP installs into Windows 7 VMs

SmartMigrate seeks to turn running XP installs into Windows 7 VMs

What makes SmartMigrate cool and interesting is that it’s free for at-home use and thus also for one-off experimental “let’s see how this works” test implementations. Right now, the target virtual hard disk that SmartMigrate creates works with Microsoft’s Virtual PC and Virtual Server products (and probably also with the new Windows Server 2008 R2 HyperVisor as well), and Prowess is working hard to extend its reach to include VMWare Workstation, Parallels Workstation, Oracle VM Virtualbox, and other virtual runtime environments as well.

I’m still waiting for the chance to try this out and see how it works, and just found a working link to the SmartMigrate download (use the Download button at the bottom of the page). In the meantime, I’m wondering how a free product for home use will affect the bottom lines of companies like LapLink (PC Mover) or Zinstall (Zinstall and ZPod) who make a paying business out of selling to customers what Prowess is currently trying to give away. Could be interesting, eh?

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: