Windows Enterprise Desktop

October 11, 2010  1:33 PM

Selling/surplusing PCs? Replace and crush the hard disks!

Ed Tittel Ed Tittel Profile: Ed Tittel

I’ve been working on revising a couple of books lately — namely, the CISSP Study Guide (going into a 5th edition) and Computer Forensics JumpStart (for a 2nd edition; both books for Sybex/Wiley) — and in that context found this Q&A extremely interesting. It’s entitled “What’s the best way to compleely remove everything from a computer, without re-installing?” and it addresses sanitization of a PC in advance of its sale to a third party.

In a nutshell, the solution posted to this query essentially involves multiple levels of hard disk clean-up, then free-space scrubbing (so-called/claimed “secure erasure”) to remove all traces of files removed during the clean-up effort (see the posting for the details, which may of interest to individuals seeking to squeak a few extra bucks out of personal equipment, perhaps to help fund the purchase of replacement gear). This is all well and good for machines that have never played host to anything sensitive, proprietary, or protected under various rules and regulations governing customer, client, or patient confidentiality.

This is not a viable solution for corporate gear. Under no circumstances should hard disks that have been used for business purposes ever be re-sold to a third party. Baldly put, these devices need to be securely destroyed to prevent their contents from getting into the wrong hands. After reading (and in some cases writing) about the kinds of tools and techniques available for data recovery and restoration, and understanding the liability and risk exposures that unauthorized access to such data can pose, the only truly safe way to dispose of hard disks used for business purposes is to subject them to some process that damages the platters on hard disks sufficiently that the pieces can’t be put back together again for aggressive scanning and recovery efforts.

That means crushing, shredding, or otherwise mangling the devices so that they simply can’t be accessed and read ever again. With storage as cheap as it is today, it even makes sense to remove and replace drives when equipment is slated for donation to schools or charities, as is sometimes the case with corporate equipment retirements. Anything less risks data discovery, and is simply not worth the potential exposure incurred thereby. Make this stipulation part of your security and lifecycle management policies, and you’ll never have cause to regret this decision.

October 8, 2010  6:35 PM

Great Audio from PC to Sound System via ZZcoustics

Ed Tittel Ed Tittel Profile: Ed Tittel

Back in 2005, I had the privelege and the pleasure to work with Mike Chin (the guru behind and Matt Wright (a PC video maven who writes for sites like and on a book entitled Build the Ultimate Home Theater PC. It let me ride a favorite hobby-horse of mine: namely, an intelligent and productive link-up between a PC and a home entertainment/home theater system. Because PCs can do storage, grab stuff off the Web, and organize music, video, and multimedia so nicely, the marriage between a properly equipped PC and a high-end receiver or pre-amp is appealing to me and all kinds of other audio- and videophiles.

Because of that book, and other writings I’ve done for Tom’s Guide and Tom’s Hardware on multimedia and media center PCs, I still occasionally hear from other movers and shakers in that space. About three months ago, a gentleman by the name of Mike Wigle contacted me about his product, ZZcoustics, probably because I’ve been active in the HTPC world for some time and still write about it from time to time. The product is a small box (dimensions of 4x2x1in/10.2×5.2×2.5cm) with a male mini-jack on one side and a pair of RCA jacks on the other side (white and red for left and right stereo channels, respectively).

Plug the headphone jack into the PC, and the RCA jacks into a stereo input on your receiver/pre-amp

Plug the headphone jack into the PC, and the RCA jacks into a stereo input on your receiver/pre-amp

Unless you’ve gone to the trouble of installing a high-end audio card into your PC (such as the Asus Xonar HDAV 1.3 Deluxe or the HT Omega CLARO Plus) you will probably encounter line output issues should you try to connect the outputs from a headphone jack or audio connectors from your PC’s motherboard). Simply put, the ZZcoustics does a bang-up job of amplifying the output voltage from its input (the headphone jack side) and delivering standard line-in voltage and impedance from its RCA outputs to your home entertainment sound system.

What does this mean? The oscilloscope audio/video demo on the ZZcoustics site does a pretty good job of showing you: weak, puny audio from the headphone jack on a notebook or desktop PC, blazing hot, clear sound from the output of the ZZcoustics box. At $40 a pop, these units are a great investment for anybody seeking great (stereo) audio from their notebook or desktop PC, or from a compact audio device (like an iPod or MP3 player), into a home entertainment system of some kind.

October 7, 2010  3:30 PM

Post Windows 7 Upgrade Clean-up

Ed Tittel Ed Tittel Profile: Ed Tittel

As I was looking over the boot/system disk for my Dell D620 laptop this morning, I discovered a directory named $Windows.~Q that contained nearly 3 GB of data. Recognizing the leading $ (dollar) sign as a technique that Windows uses to hide shares and directories from casual display and access, I looked the directory up online to discover that it is created during the upgrade process from Vista to Windows 7 (you can’t upgrade from XP or earlier systems to Windows 7; for those older Windows versions a clean install is required). Looking around further, I discovered another hidden folder named $INPLACE.~TR as well.

A little quick research online (see this interesting article at the HowToGeek’s site, for example) informed me that not only it it safe to delete these folders and their contents, but that the effort would free up at least 1 GB of disk space, and often more than that (2.90 GB for the $Windows.~Q folder and 667 MB for the $INPLACE.~TR folder, for a total of 3.55 GB).  In fact, I learned that the Disk Cleanup utility will display checkboxes for these items after you click the “Clean up system files” button following an initial cleanup scan on a system that has been upgraded from Vista to Windows 7, as the following screenshot illustrates:

each mentions Windows Upgrade

Notice the two checked boxes: each mentions Windows Upgrade

I realize the number of machines that will be subject to in-place upgrades from Vista to Windows 7 will be small at any given company or organization, but if you do find yourself in the boat of using Windows upgrade to build a new image, or perform the upgrade on one or more PCs, don’t forget to take this additional cleanup step after the upgrade is complete. In fact, a quick post-install batch file will take care of these two directories quickly, even if Microsoft didn’t see fit to remove them on your behalf automatically.

October 4, 2010  10:15 AM

Another Cool Boot-time trimming technique

Ed Tittel Ed Tittel Profile: Ed Tittel

I’ve been a big fan of the SysInternals stuff since the mid-90s, so it was with some interest that I noticed a recent update to their “ultimate Windows start-up management tool” Autoruns.exe on September 29, 2010 (it took me a while to get around to checking out the new release, so that’s why I’m writing about it today, and will probably write about it further fairly soon). Here’s a basic screen cap of what the program looks like:

Autoruns looks at every facet of Windows boot and start-up

Autoruns looks at every facet of Windows boot and start-up

I’ve been writing regularly about a Windows boot-up optimization tool lately called Soluto (9/13/2010, 9/16/2010, and again on 9/27/2010) and have thus stayed interested in topics related to speeding Windows boot-up and start-up lately. When I noticed the latest Autoruns.exe had a tab devoted to Drivers I decided to drop in and take a look at what Windows was loading on my production machine, and found a bunch of items getting loaded that I knew my current runtime environment wasn’t using and would probably never need — most notably, a whole slew of RAID, Serial-Attached SCSCI (SAS), SCSI, and Fibre Channel (!) device drivers, but also various AMD drivers for this all-Intel machine, along with some PS/2 stuff as well.

Lots of interesting and unexpected items show up in Autoruns Drivers tab

Lots of interesting and unexpected items show up in Autoruns Drivers tab

If you’re inclined to avoid loading drivers you’re not going to use, I do recommend that you first make an image backup of your system before turning things off willy-nilly. That way if you turn something off that hoses your machine, you’ll be able to get back to operation if all other fast-fix strategies fail (like returning to the LKGC or booting in Safe Mode to rerun Autoruns and turn things back on). That said, I turned off all the device drivers I knew weren’t in use on my machine and realized a pretty substantial decrease in boot time: from 1:16 to 0:41 (info courtesy of Soluto) for a savings of 0:35 (46%!!). I’m going to back and turn some other things off that I missed on the fist round and see what happens next, but this looks like another great way to boost Windows start-up times substantially. [Note added 15 minutes after original posting: turning off all Adaptec and other SCSI related storage drivers and a few other odds’n’ends dropped my start-up time to 0:38, exactly half of the original 1:16. Way to do, Autoruns!!]

Soluto, are you guys looking into testing for presence of devices for which drivers are loaded as part of your optimization analysis? If not, let me be the first to recommend adding this to your bag of tricks (which would be easy to implement simply by comparing the results of device enumeration in Windows to the drivers and driver classes actually loaded during startup, and recommending turn-off for those not actually in use). I’m even going to copy the Soluto team on this blog so they can let me know what they are doing in this regard.

Count on me to report further on the latest version of Autoruns, as I spend more time with the program and learn further tips and tricks.

[Note added 10/11/2010: After I shared this blog with the folks at Soluto, they responded by saying they, too, were keenly aware of AutoRuns and while they do have future plans to offer options to remove unused and unneeded drivers from the boot-up sequence, they’re not ready to talk about them just yet. I guess we’ll just have to stay tuned…]

September 29, 2010  1:04 PM

Out-of-band Security Update for Windows hits

Ed Tittel Ed Tittel Profile: Ed Tittel

I’m always curious when Windows Update drops something into my hopper outside the normal second-Tuesday-of-the-month timing for regular updates. Yesterday was no exception, when five updates appeared right after lunch. It turns out that only one of them merited a security bulletin (MS10-070), so I have to guess the others were dropped in because they were already ready to go and with MS pushing something critical out the door, these items simply came along for the ride.

Yes, it's an out-of-band security bulletin for 9/28/2010

Yes, there is an out-of-band security bulletin for 9/28/2010

The critical item addressed in MS10-070 addresses a vulnerability in two different versions of the .NET Framework — specifically, versions 3.5 SP1 (also denoted as 3.5.1 in MS publications) and 4 — that could, in the words of the bulletin text itself “…allow an attacker to compromise your Windows-based system that is running the Microsoft .NET Framework and gain access to information.” It is a publicly disclosed vulnerability in ASP.NET that could let attackers read data (MS mentions the view state specifically, even though it has been encrypted by the server). The vulnerability could also allow data tampering to decrypt and alter data encrypted by the server. Versions of the .NET Framework that precede version 3.5 Service Pack 1 are not affected by the file content disclosure portion of the vulnerability, but users all the way back to version 1.0 Service Pack 3 should still apply this update, which rates an “Important” severity rating across the board.

Here are the other items that coat-tailed their way into this out-of-band update:

  • September 2010 cumulative time zone update for Windows operating systems: Changes to daylight savings start/stop dates for Middle East Standard Time, Namibia Standard Time, and US Eastern Standard Time in Indiana
  • Update for Microsoft Silverlight (KB2416427): This update fixes an incompatibility issue between Microsoft Silverlight 4 GDR 1 (4.0.50826.0) and earlier versions of the Bing Toolbar. The current release of Bing Toolbar (version 6) is not affected. Other update description info (from the MS Update details): “This update to Silverlight improves security, reliability, accessibility support, startup performance, enhances line-of-business support and includes several fixes to support rich internet applications.”
  • Update for Windows 7 (KB979538): “Stop 0x0000007E” or “Stop 0x00000050” Stop error message in Windows 7 or Windows Server 2008 R2. Install this update to prevent unexpected shutdowns or bluescreens when you are using a USB video device. After you install this item, you may have to restart your computer (caused restart on all 7 of my Windows machines, none of which uses a USB video adapter).
  • Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2362765): This continuing series of updates makes “…Web sites designed for older browsers look better in Internet Explorer 8.” Usually requires a restart of IE 8 after it’s installed (moot if the machine restarts anyway).

It’s always noteworthy when an out-of-band item appears between Patch Tuesdays. For those using .NET 3.5.1 or 4, this one’s important, but the rest of these items seem pretty humdrum to me.

September 27, 2010  3:55 PM

Soluto Getting Waaaay Closer to Production Quality

Ed Tittel Ed Tittel Profile: Ed Tittel

In the past two weeks I’ve written twice about Soluto, a Windows boot optimization program that observes the Windows boot process and makes recommendations about programs that run at boot time intended to speed up that process:

Now that two weeks have elapsed since my initial encounter with Soluto, I really have to take my hat off to these guys (and thereby expose my gleaming “chrome dome”). If you look at the 9/16 blog above you’ll in the Table therein that my production machine, my wife’s PC, my new HP notebook, and my primary test machine all failed to get Soluto to install or run correctly. Today, I’m both stunned and pleased to report that the software is now working on all seven of the PCs I included in the 9/16 blog. Here’s an updated version of the table that appeared in that blog (linked in the preceding paragraph, if you want to see the original):

Name OS Result Savings Notes/Description
Eee PC Win7 Pro x86 Success 00:01 Asus Eee PC 1000HE Netbook: minimal setup means minimal savings (original time: 01:51)
Ed-Win7-PC Win7 Ultimate x86 Success 00:06 It already booted pretty fast (00:58) but Soluto still manged to help me shave off 6 seconds
A900Test Win7 Pro x64 Success 00:10 DIY computer with P53 Pro mobo, Intel Q9450 CPU, 8 GB RAM, down from 79 to 69 programs at boot-up
Dragon Win7 Pro x64 Success 00:11 HP HDX9200 notebook with T9500 CPU, 8 GB RAM (original time 02:28)
D620Laptop Win7 Pro x86 Success 00:26 Dell Latitude D620 with T7200 CPU, 4 GB RAM (original time: 1:35)
Dina-PC Win7 Pro x86 Success 00:09 DIY mini-ITX with MSI mobo, T2300 CPU, 4 GB RAM; slow machine means not much savings overall (5.6%)
HPi7Laptop Win7 Pro x64 Suceess 00:14 HP dv6 notebook PC with i7 720M CPU, 6 GB RAM, down from 91 to 81 programs at boot-up

Not all of the PCs in my equipment pool benefited hugely from the Soluto software, but I’m hopeful that as the company gets further along with its application database (known as the “PC Genome”) recommendations on as-yet-undocumented items will help me understand better what might also be delayed (until boot-up completes) or paused (not run at all) to shave boot times even further.

But that’s not why I’m blown away by the improvements in Soluto’s behavior on my various PCs. I received four personal emails from various Soluto staff members informing me as each of the bug/problem reports I had filed with them were addressed, and in each case when they said “the software should be working now for machine X” in fact it was working for machine X the next time I tried it. They even offered to do a remote control session on my BSOD machines to help me address any issues that might have popped up. I’m sorry I didn’t have time to take up those offers, but I’m totally jazzed that they jumped on the problems I reported and have apparently fixed all of them. You don’t see customer service like this very often these days, and as a beta user I’m not sure I’m a “real customer” anyway.

I think it’s OK to start checking out Soluto in your test labs, and I withdraw most of the caveats I’ve stated about the software in earlier blog posts. I must still add this admonition because it’s completely common-sensical: “Remember, this is beta software. Use it at your own risk, and only on non-production/test PCs” (if, like me, you do use it on a production machine, be sure to make an image back-up prior to its installation, and to make regular backups daily thereafter, so you can restore your machine to an operational, pre-Soluto state, with all post-Soluto data files at your disposal).

Great job, Soluto!

September 22, 2010  2:07 PM

Prowess SmartMigrate: Free XP to Win7 VM Migration

Ed Tittel Ed Tittel Profile: Ed Tittel

Last week, I spent a fascinating hour on the phone with some engineers from Prowess, a Seattle-based software and services firm that offers a free software product called SmartMigrate (at least, it’s “free for individual, at-home use” according to the language on the product page at the Prowess Web site). Basically, what SmartMigrate does is to virtualize a system that’s already installed on a PC — and my title for this blog assumes that such a system is very likely to be running Windows XP, even though the Prowess engineers tell me it will work for just about any modern Windows OS, including Vista and even Windows 7, as the source for creating a VM to run inside Windows 7 (or some other operating system).

SmartMigrate seeks to turn running XP installs into Windows 7 VMs

SmartMigrate seeks to turn running XP installs into Windows 7 VMs

What makes SmartMigrate cool and interesting is that it’s free for at-home use and thus also for one-off experimental “let’s see how this works” test implementations. Right now, the target virtual hard disk that SmartMigrate creates works with Microsoft’s Virtual PC and Virtual Server products (and probably also with the new Windows Server 2008 R2 HyperVisor as well), and Prowess is working hard to extend its reach to include VMWare Workstation, Parallels Workstation, Oracle VM Virtualbox, and other virtual runtime environments as well.

I’m still waiting for the chance to try this out and see how it works, and just found a working link to the SmartMigrate download (use the Download button at the bottom of the page). In the meantime, I’m wondering how a free product for home use will affect the bottom lines of companies like LapLink (PC Mover) or Zinstall (Zinstall and ZPod) who make a paying business out of selling to customers what Prowess is currently trying to give away. Could be interesting, eh?

September 20, 2010  1:42 PM

Paul Thurrot Heaps Accolades on IE9

Ed Tittel Ed Tittel Profile: Ed Tittel

How about this for a quote from Windows guru and maven Paul Thurrot?

Unlike its immediate predecessors, IE 9 is not about more for more’s sake. Instead, IE 9 takes the same path Microsoft plowed with Windows 7 and then Windows Phone 7. It’s clean, simple and fast. It gets out of the way, letting web site content take center stage. It’s everything that IE has never been, then, and in addition to being the best browser that Microsoft’s ever made, it may very well be the best web browser on the market, even in this early public beta version. Maybe.

Internet Explorer 9 Beta (Paul Thurrot, SuperSite for Windows, 9/15/2010)

The IE9 Beta is ready for download

The IE9 Beta is ready for download

Wow! Talk about an incentive to tackle a Microsoft beta — something I’m rarely willing to do, outside of major OS and Service Pack releases. And because I’m working on a new thirteenth edition of my immortal classic HTML, XHTML, and CSS For Dummies and therefore also working with HTML 5 and CSS3, I am more than merely curious about how IE9 fares in the areas of support for such emerging Web standards. (FWIW, IE8 does OK with HTML 5, but is definitely way behind Google Chrome and Apple Safari in supporting CSS3).

I’m planning to dig into this environment over the next couple of weeks and will report on how IE9 does with HTML 5 and CSS 3 markup, particularly in areas where IE 8 proved deficient as we were working on our latest book. In the meantime, if you want to try it out for your own self — on a test machine or in a disposable VM, please — grab it and go from the IE 9 Beta Home Page.

September 17, 2010  4:06 PM

PC Tools Posts Startup and Efficiency Gains in 2011 Versions

Ed Tittel Ed Tittel Profile: Ed Tittel

It’s not often that fate conspires to show me how new software changes system behavior, without me having to jump through lots of extra hoops to gather the necessary data. But because of the confluence of two sets of unrelated events this week, that’s exactly what happened as I started learning my way into the latest release of the PC Tools product lineup for 2011 (yes, it’s that time of year again, when security vendors start popping out and plumping up the next year’s version of their Internet protection stuff, PC Tools included).

This time around, I looked at PC Tools Spyware Doctor with AntiVirus because it’s what I have a paid subscription for on a couple of my test machines (I still have one unused license, but I just ordered parts for a new machine from Newegg yesterday, so I have a pretty good idea where that unused license will be going in the relatively near future). PC Tools has devoted some obvious effort to a couple of different areas of improvement within the product and my recent interactions with Soluto (a Windows boot optimization tool that’s still in beta, and the subject of recent blogs here on September 13 and September 16). Here’s a box shot of the new Internet Security Suite for 2011:

Another year, another security software version

Another year, another security software version

Because Soluto monitors how much time various start-up elements consume during the Windows boot process, I was able to observe that the startup time for Spyware Doctor with AntiVirus (which I’ll abbreviate, as PC Tools itself does, as SDAV henceforth) declined from 20 seconds in the previous version  to 11 seconds in the current version (a 45% improvement). I don’t have any formal measurements to back up my other observation — namely, that the new version completes scans and generally runs faster than the old one — but I plan to gather some in the near future to provide a better formal basis for comparison.

In talking to some of the principals at PC Tools, I also learned that the company devoted a lot of effort to improving their malware protection on the “behavior monitor” side. This is a part of the software that observes what programs are doing as they run on a PC, and that pay special attention to various classes of suspect behavior (creating, altering or deleting certain registry keys, accessing files in various important Windows directories, manipulating certain key .exe or .dll files, and so forth, all potentially indicative of malware at work) and can intervene to block potentially dangerous behaviors from occurring, or even shut down processes with what you might call “extreme rogue potential.”

The overall behavior of this side of antimalware software generally falls into the heuristics and behavioral side of protection and prevention, rather than using specific signatures to conclusively identify malware at work. Of course, as suspects are rounded up and profiled, the software creates and develops “behavioral profiles” based on detection of various malware-like specifics or characteristics, so PC Tools can learn from its customer’s experiences, and keep developing matching signatures as new malware items are identified and associated with various files, registry keys, and so forth. This kind of capability is much like TripWire, which observes system file and state changes associated with software behavior, and then provides ways to identify what has been changed, and how, over time.

For the 2011 version, PC Tools has also added a download manager to its software environment, so that a 500K program bootstraps the download and install processes, and can selectively download components suitable to specific licenses and operating systems as needed. There’s also a threat expert memory scanner that looks for active malware of a type known as “AV-killers” (designed to disable or otherwise shut down or defeat antivirus and antispyware packages) that kills the processes associated with such malware and goes on to deactivate them so they can be removed and cleaned up on infested systems. For more info, check out

PC Tools has also updated its toolbox software to create something called PC Tools Performance Toolkit 2011, about which I’ll write more soon — once I get the chance to play with it myself, that is. Stay tuned!

September 16, 2010  9:26 PM

More on Soluto Windows Boot Optimizer

Ed Tittel Ed Tittel Profile: Ed Tittel

In my last blog, I bashed the Soluto Windows boot optimization tool: “Just Another Blue Screen Monday Morning.” I’m writing about it again because I do think the program has real value — it’s just not yet ready for prime-time or production use. To the vendor’s credit, the company does clearly mark it as a beta, and it is astoundingly reponsive to user input and complaints (each of my reports got a personal, not “personalized,” email response in under 12 hours). And FWIW, the company also seems interested in and ready to react to user bug and problem reports.

Here are the results from my recent encounter with the tool on all 7 working machines currently in my home office (or at my disposal):

Name OS Result Savings Notes/Description
Eee PC Win7 Pro x86 Success 00:01 Asus Eee PC 1000HE Netbook: minimal setup means minimal savings (original time: 01:51)
Ed-Win7-PC Win7 Ultimate x86 BSOD None Don’t know if it was my complex set-up, my SSD, or what, but my machine turned up a BSOD on first post-install reboot
A900Test Win7 Pro x64 Boot analysis never completes None DIY computer with P53 Pro mobo, Intel Q9450 CPU, 8 GB RAM
Dragon Win7 Pro x64 Success 00:11 HP HDX9200 notebook with T9500 CPU, 8 GB RAM (original time 02:28)
D620Laptop Win7 Pro x86 Success 00:26 Dell Latitude D620 with T7200 CPU, 4 GB RAM (original time: 1:35)
Dina-PC Win7 Pro x86 Boot analysis never completes None DIY mini-ITX with MSI mobo, T2300 CPU, 4 GB RAM
HPi7Laptop Win7 Pro x64 BSOD None HP dv6 notebook PC with i7 720M CPU, 6 GB RAM

Hopefully, this more extended report helps to put some teeth into my earlier contention that Soluto, while interesting, is not yet ready for production use. Success on 3 out of 7 machines is a rate of under 50% (42.85% to be more exact): by itself, that tells me the software has a way to go before it will appeal to the great unwashed on the one hand (that is, normal home PC users) or to IT professionals on the other hand.

The boot-time savings were lowest on my least powerful machine (my Asus Eee PC 1000HE netbook, with its Atom N280 and 2 GB RAM), and somewhat less than thrilling on my high-end HP HDX9200 notebook (11 seconds off an original boot time of 2:28 is a 7.4% improvement: nice but not earth-shaking). My rock-solid, fabulous Dell D620 notebook accrued the largest gain with 25 seconds off 1:35 (26.3% is a pretty substantial improvement, in my book).

The D620 Notebook got the best boot boost from Soluto

The D620 Notebook got the best boot boost from Soluto

Soluto is definitely worth keeping an eye on, and even, keeping one’s fingers crossed that the program emerges from beta into truly commercial status. If and when that happens it’s going into my standard Windows toolkit for sure. Right now, the program is like the famous ditty about the girl with the curl in the middle of her forehead: “When she was good, she was very, very good; But when she was bad, she was horrid.”

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: