Installing Applications on a Terminal Server

Because of the Sophos issues that many of my clients experienced, many endpoints required a re-installation, particularly on Terminal Servers. This is a quick and easy reminder of best practices for installing applications on a terminal server.

  1. Log on to the server as a domain administrator
  2. Open up command prompt and type the following command
    change user /install
  3. Your session will now be ready to install applications that will work across all user profiles.
  4. Install the application required e.g. Microsoft Office
  5. Once you have finished the install open up command prompt again and type in
    change user /execute

Sophos: Shh/Updater-B False Positive

What a morning! I walk into work, sit down, getting ready to munch on my cheese and bacon roll, open Outlook, BAM! Email spam about Sophos AV, FML…

This morning a False Positive update was released to all Sophos endpoint machines. Any computer that was left running overnight would have automatically downloaded the update and applied it. The result: 667 virus alerts. Uh-oh. Investigations began and we found out that it was indeed a false positive update released by Sophos.

Quick way to resolve this issue which is also outlined in the above Naked Security blog:

  1. Log into your Sophos Enterprise Console.
  2. Make sure that all your Anti-Virus and HIPS policies are configured to “Deny access only” if automatic cleanup is not possible
  3. Once you’ve edited all the policies that affect your endpoints, click on the Viruses/spyware link under Computer Alerts
  4. Select all the machines that have the SHH/Updater-B virus, right click > comply with > Group Anti-Virus and HIPS Policy
  5. Confirm if the policy has been successfully applied
  6. Right click the computer with Same as policy and select Resolve Alerts and Errors. A window will appear and you will need to select all the computers with the SHH false positive and click Acknowledge.
  7. Repeat the process for any computers that are offline
  8. Email your angry clients and blame good ol’ Sophos for their worries 🙂


So this False Positive has also deleted updating files across ALL APPLICATIONS including, but not limited to, Google, Adobe, CA ARCserve, Sophos, Quickbooks, NVIDIA…. and the list goes on.

It’s gonna be a loooooooooong day!

Testing SMTP using Telnet

As an IT admin, you might find yourself in a situation where you need to test sending emails without an email client such as Microsoft Outlook. When that time comes, a great way to test SMTP connectivity is leveraging TELNET.

Here are a few easy steps to test mail flow:

  1. Make sure you know what SMTP server you are trying to connect to e.g. or if it’s an internal mail server you can use the FQDN or IP address e.g. MAILSERVER.local or
  2. Make sure you have telnet installed on your client machine, you can do this via the following technet article
  3. Open up command prompt on your machine, click on start > run and type in cmd.
  4. In the command prompt window, type: telnet servername/IP 25 and press enter.
    Note: telnet initiates a telnet connection, the server name is the mail server you are attempting to send mail from and 25 is the default SMTP port.
  5. Now type in the following to test mail flow:
    Note: after each step press enter
  • HELO mail server domain name e.g. HELO
  • MAIL e.g. MAIL
  • RCPT e.g. RCPT
  • DATA
  • Type in some test data, this will be the body of the email e.g. Hello Sir 🙂
  • To stop typing in text in the body, you need to press Enter followed by a full stop . then press Enter again.
  • QUIT to exit the telnet session
If your email comes through then you’re a winner, if not don’t stress, there will most likely be other restrictions in place to prevent you from sending emails from SMTP servers. Please note that this is the first point of mail flow testing and further troubleshooting may be required.
This is also a good way of finding out if the host you are connecting to is actually a mail server! Unless of course SMTP is on another port or firewall rules are in place.
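
The same exchange can be scripted. The following Python is an added example, not part of the original post: it replays the telnet steps above using the standard MAIL FROM: and RCPT TO: command forms, records the server's reply code at each step, and stops at the first rejection. The host name, addresses and function names are placeholders chosen for the example.

```python
import io
import socket

def read_reply(rfile):
    """Read one SMTP reply; "250-..." lines continue, "250 ..." ends it."""
    lines = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise ConnectionError("server closed the connection")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        if not line[:3].isdigit():  # e.g. the port is not speaking SMTP at all
            raise ValueError(f"not an SMTP reply: {line!r}")
        lines.append(line[4:])
        if line[3:4] != "-":
            return int(line[:3]), "\n".join(lines)

def smtp_dialogue(rfile, send, sender, rcpt, helo="client.example.test"):
    """Replay the manual test; return [(step, code, text)], stopping on failure."""
    body = "Subject: SMTP test\r\n\r\nHello Sir\r\n.\r\n"  # lone "." ends DATA
    steps = [  # (step name, text to send, expected first digit of the reply)
        ("CONNECT", None, 2),  # 220 greeting arrives before we send anything
        ("HELO", f"HELO {helo}\r\n", 2),
        ("MAIL", f"MAIL FROM:<{sender}>\r\n", 2),
        ("RCPT", f"RCPT TO:<{rcpt}>\r\n", 2),
        ("DATA", "DATA\r\n", 3),
        ("BODY", body, 2),
        ("QUIT", "QUIT\r\n", 2),
    ]
    results = []
    for name, command, digit in steps:
        if command:
            send(command.encode("ascii"))
        code, text = read_reply(rfile)
        results.append((name, code, text))
        if code // 100 != digit:  # 4xx/5xx: stop, the server refused this step
            break
    return results

def smtp_probe(host, sender, rcpt, port=25, timeout=10):
    # Live version of the test: same dialogue over a TCP connection to port 25.
    with socket.create_connection((host, port), timeout=timeout) as sock:
        return smtp_dialogue(sock.makefile("rb"), sock.sendall, sender, rcpt)

if __name__ == "__main__":
    # Constructed server replies: the server refuses to relay for the recipient.
    canned = io.BytesIO(b"220 mx.example.test ESMTP\r\n250 hello\r\n"
                        b"250 sender ok\r\n550 5.7.1 relaying denied\r\n")
    for step in smtp_dialogue(canned, lambda b: None, "a@example.test", "b@example.test"):
        print(step)
```

The last tuple in the result shows where mail flow stopped, for example a 550 at the RCPT step when the server refuses to relay for that recipient.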

Creating a Windows Batch Script

A few solutions that I will post in the future will utilise Windows Batch scripts (.bat) files. Here is a quick tutorial on how to create a batch script in Windows:

  1. In Windows Explorer, click on Tools (press alt key if you can’t see it), then select Folder Options
  2. Click the View tab. Under Advanced settings, untick Hide extensions for known file types and click OK to save changes.
  3. Open your favorite text editor e.g. notepad
  4. Type in the Windows commands that you want to include in your batch script e.g. net stop spooler
  5. Click on File, then select Save as
  6. Under Save as type, click the drop-down box and select All Files
    Type in a relevant name and make sure you add a .bat at the end e.g. StopSpool.bat
  7. Save the file to your required location e.g. desktop. Browse to the saved location and TEST script to see if it works. You will notice that the .bat extension will be displayed.

Happy scripting 🙂

Cleanup Windows & Java Temporary Files using a Batch Script

Recently, there was an outbreak of malware that tricked people into installing fake “anti-virus” software, which in turn infected their machines. Mind you, the primary reason machines get infected in the first place is that people browse dodgy websites, so BE CAREFUL or get PROTECTED!

The infected files are usually downloaded to a temporary internet files folder or java temporary folder and are executed/installed from there. It’s always good practice to clear out these temporary files to prevent malicious activity as well as save you some disk space. This batch script can be used as a scheduled task or deployed through your favourite monitoring tool to “cleanup” these temporary files.

This script should work on all Windows platforms so happy cleaning 🙂

Delete All Temporary Files

Note: copy and paste the below code into notepad and save the text file as a .bat file. Change the “Save as type” to All Files and make sure you add a .bat to the end of the name e.g. Cleanup.bat. There is a tutorial post located here.

@echo off
::Written by Samontech
::Determine which version of Windows is installed
::Set Variable Version to unknown

SET Version=Unknown

::VER prints the OS version number; FINDSTR sets ERRORLEVEL 0 on a match
VER | FINDSTR /IL "5.0." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows 2000"

VER | FINDSTR /IL "5.1." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows XP"

VER | FINDSTR /IL "5.2." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows 2003"

VER | FINDSTR /IL "6.0." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows Vista"

VER | FINDSTR /IL "6.1." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows 7"

VER | FINDSTR /IL "6.2." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows 8"

VER | FINDSTR /IL "6.3." > NUL
IF %ERRORLEVEL% EQU 0 SET Version="Windows 8.1"

ECHO The version of Windows found is %VERSION%

IF %VERSION% == "Windows XP" GOTO XP
IF %VERSION% == "Windows 2000" GOTO XP
IF %VERSION% == "Windows 2003" GOTO XP
IF %VERSION% == "Windows Vista" GOTO WIN7
IF %VERSION% == "Windows 7" GOTO WIN7
IF %VERSION% == "Windows 8" GOTO WIN7
IF %VERSION% == "Windows 8.1" GOTO WIN7

::If no versions are found go to UNKNOWN
GOTO UNKNOWN

::Vista and later: user profiles live under C:\Users
:WIN7
ECHO WIN7 script to execute
cd /D C:\users
ECHO Clean Temp Folder
for /D %%a in (*.*) do DEL /F /S /Q "%%a\AppData\Local\Temp\*.*"
for /D %%a in (*.*) do FOR /D %%b IN ("%%a\AppData\Local\Temp\*.*") DO RMDIR /S /Q "%%b"
ECHO Clean IE Cache
for /D %%a in (*.*) do DEL /F /S /Q "%%a\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
for /D %%a in (*.*) do FOR /D %%b IN ("%%a\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*") DO RMDIR /S /Q "%%b"
ECHO Clean JAVA Cache
for /D %%a in (*.*) do DEL /F /S /Q "%%a\AppData\LocalLow\Sun\Java\Deployment\cache\*.*"
for /D %%a in (*.*) do FOR /D %%b IN ("%%a\AppData\LocalLow\Sun\Java\Deployment\cache\*.*") DO RMDIR /S /Q "%%b"
GOTO END

::2000, XP and 2003: user profiles live under C:\Documents and Settings
:XP
ECHO XP script to execute
cd /D "C:\Documents and Settings"
ECHO Clean Temp Folder
for /D %%a in (*.*) do DEL /F /S /Q "%%a\Local Settings\Temp\*.*"
for /D %%a in (*.*) do FOR /D %%b IN ("%%a\Local Settings\Temp\*.*") DO RMDIR /S /Q "%%b"
ECHO Clean IE Cache
for /D %%a in (*.*) do DEL /F /S /Q "%%a\Local Settings\Temporary Internet Files\*.*"
for /D %%a in (*.*) do FOR /D %%b IN ("%%a\Local Settings\Temporary Internet Files\*.*") DO RMDIR /S /Q "%%b"
ECHO Clean JAVA Cache
for /D %%a in (*.*) do DEL /F /S /Q "%%a\Application Data\Sun\Java\Deployment\cache\*.*"
for /D %%a in (*.*) do FOR /D %%b IN ("%%a\Application Data\Sun\Java\Deployment\cache\*.*") DO RMDIR /S /Q "%%b"
GOTO END

:END
ECHO Temporary files successfully deleted
GOTO :EOF

::No listed version matched, so nothing is deleted
:UNKNOWN
ECHO Operating System Unknown



Edit: Added Windows 8 parameter 🙂 special thanks to wampbox for that!

Quickie Intro

I’m a 23 year old IT professional (oooooh :D) just wanting to help out with some of the knowledge and experience I’ve gained over the 5 years I’ve been in the industry. I’ve relied on my pal google to help me throughout the years and here’s hoping that I can help others out there too!

I’ll do my best to make computer stuffs sound interesting so that you aren’t yawning *yawwwwn* while reading these posts, but it won’t be all IT related. I’ll be putting random things that I find interesting up as well so you can either love it or hate it 🙂