All posts by J Stassen

Script: Unhide Network Drive Folders

There is an infection going around that hides all folders on a network drive and sets them as system folders. Here is a script I wrote that will remove the hidden and system attributes all folders/files in a directory you specify.
It uses the “attrib -h -s” and is not recursive into subdirectories.

For complete removal of the infection, naturally scan all machines. Remove any rouge autorun.ini files and rouge .exe files on the network drive.


I haven’t tested on all system setups and naturally comes with no warranty.

Update 3/22/2013

This script can only be run against a folder ( C:/Production/Shared ) not against an actual mapped drive ( S:/ ) at this time.

Update 3/27/2013

Here is a quick list of things to check regarding cleaning up the infection/worm.

  • Scan all PCs with Malwarebytes
    • Cleanup the the startup items
    • Cleanup and rouge exe files located
      • C:\User\%Username%
      • C:\User\%Username%\AppData
      • C:\User\%Username%\AppData\Roaming
    • Find proccess the infection is running under. Example:  jjhhgg.exe
  • Network drives, Flashdrives, External Harddrives
    • Delete all *.exe that mimic a folder and have a folders name
    • Delete autorun.inf
    • Delete x.mpg
    • Deltee anything else odd, rouge .exe files, photos files with .exe extentions
    • CMD Prompt, browse to the folder and run
      • attrib -h -s
      • Note this only unhides files, not folders.
    • CMD Prompt, browse to the folder and run
      • FOR /F "tokens=*" %i IN ('DIR /A:D /b') do attrib -h -s "%i"
      • Note this only unhides folders, make sure to have the quotation marks


Utility: ISO Rip / Mount

I was searching around and found a set ISO utilities that are a great pair together. Both have no cost.

Portable Lightweight ISO Rip utility


LCISOCreator is great for creating .iso rips of a cd quickly.

ISOs rips are bootable for virtual machines. For physical machines I load the ISOs to a bootable USB disk. The interface can’t get much simpler. I can’t think of more to say.

LCISOCreator.exe (52KB)
Developers’s site seems to be no more.

Portable Lightweight ISO Mount utility


PortableWinCDEmu is great for mounting .iso files to a new virtual drive quickly.

The app does have to load a driver, naturally. The driver can be removed right from the app when you are finished. You can mount multiple images.

Supported image formats: iso, cue, img, nrg, mds, ccd, bin

PortableWinCDEmu-4.0.exe (229KB)
Developer’s Site

UX: Chromebook Profile Migration

I recently updated my Google Account password. The Chromebook had to do a migration of my profile. All went fine. However I think the UX during the migration could use a bit of touch up.

Requires old Password

I imagine this may be because the data is encrypted using the the Google Account password. My concern being, what if the user forgot their old password which is the reason for changing their password? I would have to hear some thoughts for and against this, but what if a unique key were created and stored server-side for any encryption? That might cause issues for an offline login to the Chromebook. I would have to think about this

UI feedback

The migration takes a little bit of time. During the process there is a no UI message, the Chromebook acts as if it were froze. Either a please wait message or the built in spinning loading mouse cursor would be good feedback for the user.


Overall the Chromebook is fantastic. I love the CR-48 and it continues to run the latest version of Chrome OS well!

Case Study: Unique Serial

I did some work repairing a gift certificate for that a previous coder had created. The certificate is quite fantastic and keeps track of purchased certificates in a database. However, much of the code was written for PHP4 and had logic bugs that needed to cleaned up. A nice fun side project to work on.

The Problem.

The original coder used PHP’s rand() function to generate a number between 10,000,000 and 99,999,999 for the serial + the purchaser’s full name.

Not Unique. The obvious reasoning being that they didn’t want someone to be able to guess a certificate number and redeem a previously payed for certificate. Makes sense. However, there is a key flaw with creating serials this way. Random != Unique. There is the off chance, given time, that two certificates will be created with the same serial!

Using Names. The original coder recognized there was a chance a duplicate serial could be picked. They decided to use both the serial and the the buyer’s first and last name as the unique entries. Excellent idea and certainly seems to solve the problem. However, names tend to be unpredictable and unreliable. For instance, some last names are multi-part (Elfriede Von Kosh), have punctuation (Patrick O’Conner), or contain diacritic marks (Soňa Novak) among other things. This can cause unreliability with the app.

The question.

How can I create a better method of serializing the certificates?

Here are some requirements I came up with:

  • It has to be unique
  • Cannot be re-used
  • Non-continuous
  • Not guessable
  • Shouldn’t need to query the database to verify the serial hasn’t been used
  • Meaningful
  • Manageable in length

The Solution.

I decided simple solution is to use the full date/time + 4 random digits. For example this moment would be 2013-02-17 at 17:11:32 + 8345  or in string format  201302171711328345.

The Date. This serial has the benefit of telling us the exact moment it was generated. I use a 24-hour clock keep the length of the string always the same as well as to avoid the accidental repeated digit twice a day (9am and 9pm), that would be quite awkward. It would only increases the odds of getting a duplicated serial.

The +5 Digits. Using just the date and time down to the second I was still bugged that in theory two users could land on the page at the same moment and be served up the same serial. That’s why I felt the necessity to add the +4 random digits to the end of the string. While in theory it may be possible to still to generate duplicate serials, this makes it rather unlikely. During the save to the database we can always do a double check if we feel it is needed.

The Code.

For the landlubbers that want to use use this method of creating a serial, but don’t want to write it themselves – Here is what it looks like in PHP:


Too simple? Know a better solution? This only would work for small-medium sites.

Photo Exif Edit

I discovered that is is rather difficult to edit exif tags on photos. Its probably by design to prevent tampering of falsifying information.

I have been creating HDR photos with my Nikon D5000. It’s been a great success and good fun! However my HDR software keeps all the original exif info from the first image in the series. Some of the data is no longer relevant  specifically the the exposure length or ISO! Can you imagine an HDR photo take at 1/1000 sec with a 200ISO? I think not!

Why does it matter? Well my over in my Photo Gallery it shows the camera settings at which each of the photos were shot. It bugs me that on those types of work it shows wrong info!

I spent some time searching and eventually came upon ExifToolGUI.

  • Allows you to edit / remove many exif tags
  • Edit geolocation
  • No cost

It takes a little effort to set it up, but here is a great tutorial of setting it up. But basically you have to place the command line ExifTool in the same directory as the ExifToolGUI app.

Grouping Mailboxes with PowerShell

Here is a snip-it of PowerShell Code I am using to group and count the number of mailboxes on an Microsoft Exchange Server 2008 using CustomAttribute1.

On our server we have a unique ID stored in the CustomAttribute1 for mailboxes that belong to different groupings. For example in the CustomAttribute1 we store the company ID, in CustomAttribute2 we may store the service level they pay for. We found the need to keep a count of the number of mailboxes belonging to different companies.

$CountMembers = @{}
Get-Mailbox | foreach-object {$CountMembers[$_.CustomAttribute1]++}

Naturally from here we can append the | Out-File Report.txt to save to a txt file. Ideally I would like to export to a csv, however this data format doesn’t support that. I may look further into this in the future.

We can use this method to group mailboxes by any common attribute actually. Say the count the number of mailboxes on each database using $_.Database

Search Everything

I have been using a real nice application “Search Everything” that I think is worth sharing.

Windows search is not my favorite, I find it rather cumbersome, and rather slow. Search Everything takes the application about 5 – 15 seconds to index the entire drive. Search results are returned live as you type. By default it searches all files, temp, system, hidden, you name it.

Here are some creative uses and wildcard searches I often do.

  • To restrict your search to a certain subfolder use a backslash *\windows\*sol.exe
  • To restrict your search to a specific drive letter D:\*sol.exe
  • Finding misplaced files, say a .pst or .doc
  • Verifying the pc has no lingering .doc, .xls, jpg, .pst files before formatting the HDD
  • Also great for finding an infection’s location if you know process file name

The installer or portable version can be found on the developer’s site: