News Archives 2016 Q2
June 27, 2016
is a new batch file which repeats a command forever, with a specified interval, until any key is pressed.
June 20, 2016
The second public beta version of WMIGen.exe
(compiled executable) has been released.
The time-limit has been changed from a week to a month, i.e. this one won't expire before July 20, by which time a new beta (or maybe even final) release will be available.
Windows 10's Windows Defender seems to mark the first beta as malware.
Because I expect to release several more beta releases, with relatively short intervals in between, I will not
submit the beta releases to Microsoft's false positives list.
June 8, 2016
Today the first public beta version of the completely rewritten WMIGen
(compiled executable version, written in C#, instead of HTA) has been released.
I regularly used the HTA myself, and I got fed up with its poor performance, especially on older hardware (i.e. my ASUS EEE-PC NetBook); add to that Visual Studio's excellent IDE which makes writing and debugging code so
much easier, and you may understand why I opted for a compiled executable.
June 7, 2016
• Error handling in the updated CloneDate.exe
has been improved: instead of aborting on the first file error, they will now catch and report any file error and then continue with the next file.
May 25, 2016
• Today I received messages telling me that a modified version of my VBScript download script
is being abused by criminals to download and run malware on unsuspecting recipients' computers.
The information on my site is available for everyone, unfortunately I have no way to block bad guys from abusing it.
however some things that you
as recipients can do:
- The most important one: use common sense; why would anyone you don't know send you e-mails with ZIPped attachments?
- Consider using filter rules to block e-mails with ZIPped attachements.
I know Mozilla Thunderbird has excellent filtering features; check your own e-mail software's manual, or built-in or online help, to find out if it supports filtering.
- Use up-to-date anti-malware software, keep Windows up-to-date with Windows Update, and keep your browser(s) and its add-ons up-to-date.
- This type of malware often drops its executable in the
%Temp% directory, so why not block all executables in the
Using CryptoPrevent's Advanced Software Restriction Policies is one way to do this, with the advantage that you can temporarily disable this feature quite easily:
And temporarily disabling the restriction(s) will be required quite often, as many legitimate software publishers also use the
%Temp% directory for their installers...
- Make explorer show extensions for all file types, allowing you to see what type of file is sent.
When you see the file name "contract", it may seem OK at first glance, but when you see the full name "contract.exe"...
For Windows 7: open "Folder Options" in the "Configuration Panel" and uncheck "Hide extensions for known file types".
This is, of course, of no use if you don't have a clue about file types and their extensions, but in that case I doubt you would be visiting this site.
- Consider if associating VBScript files with Notepad instead of WScript will be too much of a nuisance for you.
If you do associate ".vbs" with Notepad, you will have to use the command line or shortcuts to run them.
Before changing the file association, check and write down the current association first:
FOR /F "tokens=1* delims==" %A IN ('ASSOC .vbs') DO FTYPE %B
(command line version; use
%%B in batch files)
This will show something like:
VBSFile="%SystemRoot%\System32\WScript.exe" "%1" %*
After writing down the old association, change it using the following command:
FOR /F "tokens=1* delims==" %A IN ('ASSOC .vbs') DO FTYPE %B=Notepad "%1"
(command line version; use
%%B in batch files)
Rerun the first command to check the changes.
"1" is shown instead of
"%1", rerun the second command using
"%%1" instead of
Next time you doubleclick a VBScript file in explorer it will open in Notepad.
Note that this will only prevent VBScript files from running when doubleclicked, they can still be run using the
An alternative to association with Notepad would be to associate VBScript files with VBSEdit, which would allow you to run the script with just one extra click...
May 23, 2016
May 13, 2016
has been updated:
- limited support for extended ASCII characters in file names
- images that are too wide will be displayed scaled down to window width
April 5, 2016
April 4, 2016
• An update for NoStartSkype.bat
- the batch file now uses REG.EXE instead of a .reg file to delete the Skype autostart entry from the registry (creating the .reg file in the proper Unicode encoding was prone to failure, depending on the active code page)
- the batch file will restart itself with elevated privileges if necessary
- the batch file will delete its temporary XML file when done
April 3, 2016
• I don't use Skype very often, so it really annoyed me when Skype, after every update, reenabled its autostart feature.
That is why I wrote NoStartSkype.bat
, a batch file that creates a scheduled task to remove Skype's autostart from the registry at each logon and
at each screen lock (a work-around for the limitation that I could not create a scheduled task that would do this at logoff).
Run the batch file once, with elevated privileges, and do not delete (nor move) the .reg file it creates, which is used by the scheduled task.
||page last uploaded: 2018-12-13, 12:06