Wednesday, April 13, 2011

Software Every PC Technician Needs

This post will discuss software that I have found essential as a PC technician. This article is not intended as a step-by-step guide nor is it intended as a list of every app that technicians will ever need. It is simply an overview of software that I find fundamental to the PC technician.

Malware Removal


We already discussed my process for Malware Removal in a previous post. Here's a recap of the software that I use:

MalwareBytes Anti-Malware is one of the best malicious software removal tools available.

SUPERAntiSpyware is another excellent malicious software removal tool. Plus, it comes in a portable version.

ComboFix is great at rootkit removal.

While CCleaner is not a malware removal tool, it is great at cleaning up junk before purging a system of malicious software. It also has an excellent portable version.

Live CDs


One of my favorite tools is Ultimate Boot CD for Windows. It is a boot CD based on BartPE. The entire list of tools included with UBCD4Win is far too long to go into here. But, it includes anti-virus, backup, diagnostic, recovery, password, registry, and benchmarking tools. It is well worth your time to build a CD (or USB drive).

Another Live CD to add to your collection is Ubuntu. This user-friendly Linux distribution includes a long list of tools as well. Plus, you can install additional software as needed.

Remote Software


I have found three ways of supporting users remotely that I like.

First is Remote Assistance. It is built into Windows and works great. Also good are LogMeIn and DameWare. Try them out and see what works for you.

Misc.


When users have their email applications remember their password for them, they often forget the password when the time comes to migrate to new hardware. Mail Pass View solves this. It can recover lost passwords for many different email apps.

Another thing that users can forget or misplace is product keys. ProduKey has this covered. It can recover product keys for both Windows and Office.

No matter how hard Microsoft tries, Windows XP just won't die. Technicians still spend a lot of time supporting it. I have found that nLite is essential for keeping my XP install CDs up-to-date with the latest Service Packs and patches. Not only that, you can customize the install disk in innumerable ways. It does take a while to download all the updates and set up the CD. But, in the long run, it saves countless hours of downloading updates for each individual PC that you service.

A great companion to nLite is DriverPacks. With DriverPacks you can slipstream drivers for practically every hardware device under the sun. You can also create a standalone disk for updating drivers.

Best for last...


Google. Okay, not really software, but it is vital for every PC technician. It is impossible to know or remember everything about all of the different versions of Windows, much less every application that one may encounter. I use Google all the time to research everything from error messages to how to install a low voltage power supply on a particular HP Laserjet model. Again, Google is indispensable.

Do you have any favorites that are not listed? Let's hear about them. Leave a comment.

Monday, April 11, 2011

Backup Windows Part 3 -- xcopy

Let's briefly discuss a quick way to back up Windows. I use a batch file that I wrote to quickly back up clients' PCs.

Here it is:

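@echo off
rem Run from the backup drive: destinations are relative to the current directory.
rem /c continue on errors, /d copy only newer files, /e include subfolders, /h include hidden files,
rem /i treat the destination as a folder, /r overwrite read-only files, /y do not prompt.
xcopy /c /d /e /h /i /r /y "%USERPROFILE%\Favorites" "%COMPUTERNAME%\%USERNAME%\Favorites"
xcopy /c /d /e /h /i /r /y "%USERPROFILE%\Desktop" "%COMPUTERNAME%\%USERNAME%\Desktop"
xcopy /c /d /e /h /i /r /y "%USERPROFILE%\My Documents" "%COMPUTERNAME%\%USERNAME%\My Documents"
xcopy /c /d /e /h /i /r /y "%USERPROFILE%\Documents" "%COMPUTERNAME%\%USERNAME%\Documents"
rem Outlook data files (Vista/Windows 7 path first, then the XP path); without a
rem destination xcopy would drop them into the current directory.
xcopy /c /d /e /h /i /r /y "%USERPROFILE%\AppData\Local\Microsoft\Outlook\*.pst" "%COMPUTERNAME%\%USERNAME%\Outlook"
xcopy /c /d /e /h /i /r /y "%USERPROFILE%\Local Settings\Application Data\Microsoft\Outlook\*.pst" "%COMPUTERNAME%\%USERNAME%\Outlook"

echo Backup Complete!
@pause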


This quick script copies the user's Favorites, Desktop, My Documents (Documents in the case of Vista and Windows 7) and the Outlook .pst file.

This script will work for either XP or Vista/Windows 7. The /c switch tells xcopy to continue even if it confronts an error. Therefore, when running this script on Windows 7, xcopy simply moves on when it does not find the My Documents folder. Of course, the inverse is true when running the script on XP.

This can be used for migrations or as a regular backup. The /d switch tells xcopy to only copy files that have changed since a certain date. If no date is given, as above, only the files that have a newer source time than the destination will be copied.

Obviously, changes can be made to customize the script as needed. For instance, the entire user profile can be backed up. Also, additional folders, such as the Firefox profile, can be added.

I run this script from an external USB drive and all of the data is copied to that drive. Again, customize the script to copy files to a different location.

Be sure to type xcopy /? at a command prompt to learn what each switch does and also to learn about the switches not included in the above.

If you want to use the above backup script, copy and paste it into Notepad and save it as backup.bat. Double-click the file and you're backing up.
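Because /c lets xcopy skip any file it cannot read (a .pst that Outlook still has open, for example) and the script prints Backup Complete! either way, it is worth comparing the copy against the source before relying on it. The PowerShell below is an added example, not part of the original script; it assumes PowerShell 4.0 or later, and the function name and demo folders are made up for illustration.

```powershell
# Added example (not the blog author's script). Reports every source file that is
# missing from the backup or whose SHA-256 hash differs from the copy.
function Compare-BackupTree {
    param([string]$Source, [string]$Destination)

    $root = (Resolve-Path -LiteralPath $Source).Path.TrimEnd('\')
    Get-ChildItem -LiteralPath $Source -Recurse -Force -File | ForEach-Object {
        $relative = $_.FullName.Substring($root.Length + 1)
        $copy = Join-Path $Destination $relative
        if (-not (Test-Path -LiteralPath $copy)) {
            $status = 'Missing'
        } elseif ((Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash -ne
                  (Get-FileHash -LiteralPath $copy -Algorithm SHA256).Hash) {
            $status = 'Different'
        } else {
            return   # copy matches the source; nothing to report
        }
        [pscustomobject]@{ Status = $status; File = $relative }
    }
}

# Constructed demo: a small "profile" and a backup with one file missing and one altered.
$src = Join-Path $env:TEMP 'demo-profile'
$dst = Join-Path $env:TEMP 'demo-backup'
New-Item -ItemType Directory -Force -Path "$src\Desktop", "$dst\Desktop" | Out-Null
Set-Content "$src\Desktop\notes.txt" 'quarterly notes'
Set-Content "$src\Desktop\todo.txt"  'call vendor'
Set-Content "$src\mail.pst"          'constructed stand-in for a PST'
Copy-Item   "$src\Desktop\notes.txt" "$dst\Desktop\notes.txt"
Set-Content "$dst\Desktop\todo.txt"  'truncated'

Compare-BackupTree -Source $src -Destination $dst | Format-Table -AutoSize

# Real use, assuming the backup drive is E: (an assumption, adjust to your drive):
# Compare-BackupTree "$env:USERPROFILE\Desktop" "E:\$env:COMPUTERNAME\$env:USERNAME\Desktop"
```

An empty result means every file under the source has an identical copy in the backup.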

Sunday, April 3, 2011

Backup Windows Part 2 -- Clonezilla

Clonezilla Live is the software that we are to discuss in this part of the Backup Windows series. Regardless of my title, one can use Clonezilla to clone any hard drive--not just hard drives with Windows installed. Clonezilla Live is free, Linux-based software that allows one to clone (i.e., make an exact copy of) a hard drive. Simply clone your system and if your hard drive catastrophically fails, pop in the clone and boot up.


Download Clonezilla Live and burn it to a CD or DVD. Boot to your newly created Clonezilla Live disk. On the opening menu, choose Clonezilla live.
















You'll see a lot of scrolling text and finally a menu to choose your language. Since you are reading this blog, we'll assume that your choice is English. On the next menu, unless you have a good reason, choose Don't touch keymap.

Next, choose Start Clonezilla.
















Clonezilla can also be used to create an image. In this post, we are discussing cloning. So, on the next menu, select device-device.
















On the next menu, select Beginner Mode.

After that, your selection depends on what you want to do. There are four options presented. Select disk_to_local_disk to clone an entire hard drive to another hard drive on the same PC. Choose disk_to_remote_disk to clone an entire hard drive to a hard drive on your network. Select part_to_local_part to clone a particular partition to another partition on the same PC. Choose part_to_remote_part to clone a particular partition to another partition on your network. In this example, we are choosing disk_to_local_disk. This is probably what you want to do as well.
















Next, select your source. This is the disk that we are copying. Make sure that you select the right one. If you are not 100% sure, stop. Find out for sure before you proceed. If you do this backwards, you will wipe out your original hard drive.
















Next, select your destination. This is where the exact copy of your source is to be located. Again, be sure that you have chosen correctly. The destination disk will be wiped out. So, only select a destination with no data or one that has data that you don't mind losing.
















One limitation to Clonezilla is that the destination hard drive or partition must be at least the same size as the source. It doesn't matter if you have a lot of free, unused space on your source disk. Again, the destination must be at least as big as the source.

Next, press Enter to continue. You will have to confirm twice that you want to proceed.
















Clonezilla then asks if you want to clone your boot loader. If you plan on using this as a backup in case of a failure of the original hard drive, the answer is yes. Confirm one more time and you're cloning.
















Depending on how big your drive is, this can take hours. This is something I try to schedule to do overnight.

After it is finished, you should test your copy to make sure that it boots.

Saturday, April 2, 2011

Backup Windows Part 1 -- Backup and Restore

A couple of days ago was National Backup Day. Okay, we are a little late. Plus, a quick Google search will reveal several National Backup Days. Nevertheless, I was inspired to post a multi-part post on different methods for backing up Windows.

In Part 1, we will discuss using Backup and Restore. Backup and Restore is available in both Vista and Windows 7.

Creating The Backup


Backup and Restore is located here: Start>All Programs>Maintenance>Backup and Restore. Or simply type "Backup and Restore" in the Search programs and files dialog box at the bottom of the Start menu.

The first time that Backup and Restore is run, the backup must be set. Click the Set up backup button.


When the Set Backup window pops up, select the drive that will serve as the backup drive. This must be a different physical drive from the one that is being backed up. Backing up to a different partition on the same physical disk does not make any sense. If the drive fails, all of the partitions fail and your backup is lost. You may choose a different physical disk in the same computer, a drive on the network, an optical drive, a virtual hard drive (VHD), or a USB drive. This can be changed in the future, if needed.

You will then be given a choice of whether to let Windows choose what to back up or choose yourself.


Explore the options and decide for yourself what best suits your needs.

Once the backup is set, press the Backup now button or schedule a time for backups. The time chosen for backup must be a time when the backup drive is available. Otherwise the backup will fail.


The amount of time that is taken for the backup will depend on how much data you are backing up. If this is the first backup and there is a lot of data, it can take well over an hour.

That's all that needs to be done. Just let it complete.

Restoring From The Backup


To restore a file or folder, open up Backup and Restore and click the Restore my Files button.




A window will pop up that allows you to browse or search your backup for files or folders that you need. You can choose a different date to restore from as well.

Once the file(s) are selected, click Next. A new window pops up allowing you to choose whether to restore the file in its original location or to another location.

That's it. Let it restore the files.

Backup and Restore can also create a system image. More on that in a future post.

Sunday, March 27, 2011

How to Remove Malware

Today's post will demonstrate the method for removing malware that I have developed over the past couple of years. Malware includes virus, spyware, scareware, worm, rootkit, or trojan infections.

First, boot the PC into Safe Mode. I always do this--no matter the type or severity of the infection. Booting into Safe Mode accomplishes two things. One, it disables services upon which the malicious software relies. Most of the pop-ups and the 'self defense mechanisms' associated with malware are crippled in Safe Mode. 'Self defense mechanisms' include blocking antivirus software from being installed, detecting the infection, or removing the infection. Two, booting into Safe Mode simply allows the scans to run much faster.

After you have booted into Safe Mode, run the portable version of CCleaner. This will remove a lot of junk and speed up scan times. Start up CCleaner, configure what you want removed by checking or un-checking the various boxes, and click Run Cleaner.


Next, click on the Registry tab and then click Scan for Issues. I have never run into any problems, but go ahead and back up the registry before fixing the issues that it will find. I usually back up the registry to the root of the C:\ drive or somewhere that the client won't find it and mistakenly reinstall it.

Next, install MalwareBytes Anti-Malware. MalwareBytes is an excellent malware remover. After you have it installed, update it. If you have just downloaded the installer minutes before installing the software, update it anyway.



Next, return to the Scanner tab and run a Quick Scan. I have never found it necessary to do a Full Scan.




When the scan completes, close the text file that pops up and press the 'Remove Selected' button. Reboot, as instructed. Make sure to reboot into Safe Mode, again.

If you removed several hundred infections, it's a good idea to run the scan again after rebooting.

Next, run the portable version of SuperAntiSpyWare. Yes, it's a horrible name for software (or anything, for that matter). It sounds like something from a Japanese monster movie, but it's also an excellent malware removal tool.

Again, update first.



After updating is complete, click the Scan your Computer... button. Choose Perform Quick Scan and then click the Next button.



SuperAntiSpyWare takes considerably longer to perform its scan than MalwareBytes does. Be patient, remove the selected infections, and reboot as instructed. If the system is an x86 (i.e., a 32-bit) system, reboot into Safe Mode. We have one more step to perform.

If it is an x64 system, you should be done. Boot the computer normally and check it out. Make sure that everything behaves as it should. Make sure that no proxies are set that shouldn't be set. Browse a few antivirus sites and Microsoft.com. If you can't browse these sites, start the process over from the beginning; the system is still infected. Also try scanning with whatever antivirus software your client already has installed. That is, assuming that it is up to date.

If you are working on a 32-bit system, run ComboFix from Bleeping Computer. Be forewarned, the developers of this software do not want you to run it without their supervision. That being said, I have run ComboFix countless times and never had any problems. Again, be sure to read the disclaimer.

If ComboFix tells you that it needs an update, update it. If it tells you that the recovery console needs installing, install it. Otherwise, let it run. If ComboFix finds rootkits, it may need to reboot the system. Don't do it yourself and don't worry about Safe Mode. Let the software do its thing.


That should do it. Again, check the system out to see that it behaves as it should. Make sure that no proxies are set that shouldn't be set. (Internet Options>Connections Tab>LAN Settings Button>Proxy Server Section.) As above, browse Microsoft's site and a few big name anti-virus software companies' web sites.
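The proxy check called for in both verification steps above can also be read straight from the registry, which covers every user hive that is currently loaded instead of only the account whose Internet Options dialog you happen to open. This PowerShell is an added example, not the author's code; the function name is hypothetical.

```powershell
# Added example (not the blog author's code). Lists the proxy settings behind
# Internet Options > Connections > LAN Settings for every loaded user hive.
$subKey = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-UserProxySetting {
    Get-ChildItem -Path Registry::HKEY_USERS |
        Where-Object { $_.PSChildName -notlike '*_Classes' } |
        ForEach-Object {
            $sid = $_.PSChildName
            $s = Get-ItemProperty -Path "Registry::HKEY_USERS\$sid\$subKey" -ErrorAction SilentlyContinue
            if (-not $s) { return }    # this hive has no Internet Settings key
            [pscustomobject]@{
                Sid           = $sid
                ProxyEnabled  = [bool]$s.ProxyEnable   # the "Use a proxy server" checkbox
                ProxyServer   = $s.ProxyServer         # address:port in the Proxy Server section
                AutoConfigUrl = $s.AutoConfigURL       # "Use automatic configuration script"
            }
        }
}

# Every row shown is a proxy or configuration script that is in effect for that
# account; confirm each one with the client before leaving it in place.
Get-UserProxySetting |
    Where-Object { $_.ProxyEnabled -or $_.AutoConfigUrl } |
    Format-List
```

Run it from an elevated prompt so the other hives under HKEY_USERS are readable; no output means no proxy or configuration script is active for any loaded account.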

If, after performing the above process, you find the system still infected, remove the hard drive from the system, slave it to another clean system and run MalwareBytes and SuperAntiSpyWare on the infected drive. Also, scan the slaved drive with software like AVG or Microsoft Security Essentials.

Be sure to see an earlier post on how to keep your system from getting infected. After cleaning a system, it is a good idea to go through that process as well.

Sunday, March 20, 2011

Changing Forgotten Windows Passwords

Oftentimes a user will forget their Windows login password. Of course, oftentimes that user will be using the sole administrator account on the computer.

When I am in this situation, I use the Ultimate Boot CD for Windows to reset the password. There are other tools to accomplish this, but UBCD4win is an extremely handy multi-use tool that I think every tech should have in their arsenal. The CD's uses include repairing systems that fail to boot, malware removal, running chkdsk, and a host of others.

Point your browser to http://www.ubcd4win.com/. You'll find everything you need to know to build your own CD.

To reset a password, boot up your CD and open NTPWEdit. One can find it under Start>Programs>Password Tools>NTPWEdit.



Once the application is open, make sure that the path to the SAM (Security Accounts Manager) file is correct and press (Re)open. This is almost always C:\WINDOWS\system32\config\SAM. If it is not correct, make the necessary changes and then press (Re)open.



A list of accounts will appear. Choose the appropriate account and press Change password. Type the new password in the dialog box that pops up and then verify it by typing it in a second time. If you want a blank password, leave the fields blank and simply hit enter.



Make sure to press Save changes before exiting. Otherwise, well, your changes won't be saved. That's it. Reboot and log into the account. This works on XP, Vista, and Windows 7. It probably works on NT and Windows 2000, as well.


Saturday, March 12, 2011

Back up and Restore Network Printers

Oftentimes in the enterprise environment, when a new PC is deployed, the technician has to set up the network printers that the user had on their previous machine. Oftentimes this can be a fairly long list of printers. Rather than making a note of each printer and restoring them one at a time or dragging the shortcuts to a share, the technician can back up and restore a registry key. This key is:

HKEY_CURRENT_USER\Printers\Connections

There are a couple of easy ways to back up this key on the old machine and restore it on the new machine.

Method One

Go to Start>Run>REGEDIT

Navigate to HKEY_CURRENT_USER\Printers\Connections

Right-click the folder and select Export. Save the .reg file on a network drive or an external hard drive.



Log on to the user's account on the new machine and simply double-click the .reg file. Confirm that you want to add the settings to the registry.

In XP, go to Printers and Faxes. In Vista and Windows 7, go to Devices and Printers. Right-click on each printer and select Connect. Right-click on the printer that is to be the default and select Set as default.

Method Two

One can also back up the registry key from the command line. The following command will back up the key to the \\server\share network path. Be sure to put quotes around any paths that have spaces in them. Obviously, modify the command to meet your needs.

REGEDIT /E "\\server\share\printers.reg" "HKEY_CURRENT_USER\Printers\Connections"

On the new machine, follow the above directions to restore the network printers.

That's it. You can incorporate method two into a .bat file if you wish.
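Double-clicking a .reg file merges everything in it, so an export that has been sitting on a network share is worth checking before it is imported on the new machine. The PowerShell below is an added example, not the author's code: it confirms that a file contains only keys under HKEY_CURRENT_USER\Printers\Connections. The function name and the sample export are constructed for illustration.

```powershell
# Added example (not the blog author's code). Confirms that a .reg export touches only
# HKEY_CURRENT_USER\Printers\Connections before it is merged on the new machine.
$AllowedRoot = 'HKEY_CURRENT_USER\Printers\Connections'

function Test-PrinterRegExport {
    param([string[]]$Lines)

    $problems = @()
    $printers = @()
    foreach ($line in $Lines) {
        if ($line.Trim() -notmatch '^\[(.+)\]$') { continue }   # only key headers matter
        $key = $Matches[1]
        if ($key.StartsWith('-')) {
            # "[-KEY]" deletes a key on import; a plain export never contains one
            $problems += "deletes a key: $key"
        } elseif ($key -ieq $AllowedRoot) {
            continue
        } elseif ($key.StartsWith("$AllowedRoot\", [System.StringComparison]::OrdinalIgnoreCase)) {
            # connection subkeys are named ",,server,printer"
            $printers += $key.Substring($AllowedRoot.Length + 1)
        } else {
            $problems += "key outside printer connections: $key"
        }
    }
    [pscustomobject]@{ Safe = ($problems.Count -eq 0); Problems = $problems; Printers = $printers }
}

# Constructed sample export; the last key does not belong and should be reported.
$sample = @'
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Printers\Connections]

[HKEY_CURRENT_USER\Printers\Connections\,,printsrv01,Accounting-LaserJet]
"Provider"="win32spl.dll"
"Server"="\\\\printsrv01"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Temp\\updater.exe"
'@ -split "`r?`n"

$result = Test-PrinterRegExport -Lines $sample
$result.Printers    # printer connections the file would add
$result.Problems    # anything that should stop the import

# Real use (path from the post): check first, import only a clean file.
# $check = Test-PrinterRegExport -Lines (Get-Content '\\server\share\printers.reg')
# if ($check.Safe) { reg import '\\server\share\printers.reg' }
```

The list of printers it returns also doubles as a record of which print servers the new machine will be pointed at.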