Extract Drivers

This script will extract all drivers from a computer and copy them to a folder structure organized by type. It is language dependent and currently works for Danish and English Operating System language.


Rebuild a corrupt WMI repository

If i run into client computers that have issues with WMI i usually run through these steps:

Run this command to verify WMI:

If the above command returns “inconsistent” then i would run the following command:

Then i would use verifyrepository again to check the state. If it is still “inconsistent” then i would run the following command:

This will stop the WMI service and rename the repository (C:\Windows\System32\wbem\repository) and start the WMI service.

This should resolve the WMI issues.

In case you are in a SCCM environment the affected computer would need its SCCM client reinstalled.

Uninstall Microsoft Software Update deployed with SCCM

I recently had to uninstall a Software Update deployed by SCCM 2012 on a Windows 10 client. Before when running SCCM 2007 i used to run WUSA with the following syntax:

wusa.exe / uninstall / kb: <KBnumber> /quiet /norestart

This didnt work  with the /quiet parameter so instead i had to use DISM as i need to be able to uninstall it silently.

DISM takes the packageName of the Software Update as input which can be found by running the following command on a client which have the Software Update installed:

dism /online /get-packages /format:table

From the list find the Package Identity Name of the Software Update.

Run this command to uninstall the KB3144756 silently:

DISM.exe /Online /Remove-Package /PackageName:Package_for_KB3144756~31bf3856ad364e35~amd64~~ /quiet /norestart

It might require a reboot for the update to be fully removed.

Track system Startup, Shutdown, Uptime and much more using Windows logs Event ID’s

The following Event ID’s in the System log are nice to know for various debugging scenarios on the client computers.

1074 – Information about program or user that initiated restart/shutdown

6005 – Startup time

6006 – Shutdown time

6013 – System uptime

Using the “Filter Current Log” feature allows you to search for occurences of the events you want to dig into.

Using a PAC file to restrict access to Websites

If you want to control which websites can be accessed from one or more computers a PAC file solution can be used.

The PAC file is a fairly simple file containing information on which sites can or cant be accessed – depending on what your needs are. This means you can set up a solution where all websites can be accessed except from the ones in your PAC file or you can setup a solution where all websites are blocked except from the ones in the PAC file.

In Internet Explorer you then have to enable the “Use automatic configuration script” under Tools > Internet Options > Connections > LAN Setting and then point to the location of your PAC file. The PAC file can be placed both locally or on a webserver.

Example of a PAC file where only the sites *.google.com, *.facebook.com and *.msn.com can be accessed (Proxy.pac):

Example of a PAC file where the above sites are blocked and all other sites can be accessed.


Bootable USB

This guide will tell you how to make a bootable USB. To make the bootable USB you need to use DISKPART which comes with Windows. Its important tho that you use either Windows Vista or Windows 7 otherwise DISKPART cant detect your USB key as a drive.

Start your command prompt and type diskpart – this will open a new diskpart window. The rest is shown in the screendump below.

Change Shutdown Setting

When doing automated reboots using shutdown.exe in my scripts i sometimes need to change back the default shutdown option so the user will have “Shutdown” as the default selection in the shutdown box.

The shutdown setting determining the default shutdown option – (log off, shutdown, restart, standby, hibernate, disconnect) can be found in the registry under current user settings.

Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
Value: Shutdown Setting
Radix: Hex
Data: 00000002

The possible values for Shutdown Setting are:

00000001 = Log Off
00000002 = Shut Down
00000004 = Restart
00000010 = Stand By
00000020 = Stand By (with wakeup events disabled)
00000040 = Hibernate
00000080 = Disconnect (only available in Terminal Services sessions)

Slipstream updates into your Office 2007 installation

I recently had to update a standard Office 2007 installation with SP2. This is easily done with a few commandlines assuming that you have both downloaded the SP2 update and have the Office 2007 installation files already avaliable.

Locate the Updates folder among your Office 2007 installation files. This is the folder where we want the SP2 files to end up. In my example the path to the updates folder is :


I placed the SP2 update in a temporary folder:


To extract the SP2 update and thereby slipsteam the SP2 update into the Office 2007 installation simply type the following:

E:\Temp\Office2007-SP2-Update\office2007sp2-kb953195-fullfile-da-dk.exe /extract:”E:\Office2007\Updates”

Accept the licence agreement and follow the steps until you get a confirmation that the installation is complete.

Now you are ready to install Office 2007 SP2.

If you want to slipsteam other Windows updates into your Office 2007 installation files simply repeat the steps above only by replacing the update you want to slipsteam.

Using SubInACL to grant permissions to a folder and its subfolders and files

Recently i had to delete a lot of temporary folders on a large number of domain computers. A GPO had caused a number of folders to be created in the root of C each time a user logged onto a computer. After having sorted the GPO i had to find a way to delete all the folders again. The tricky part was that the folders had different owners and thus different permissions assigned so they could not all be deleted by the current user.

Microsofts command-line tool SubInACL proved to be exactly the tool for the job and i could easily make a vbs script which could do the cleanup job for me at logon – no matter who was logged on.

I simply used SubInACL to give the current user Full Access to all the folders and their subfolders and files by looping through the folder structure and subsequently deleting the folders which matched my deleting criteria.

The syntax i used to give the current user full access a folder and its subfolders and files was this:

subinacl.exe /verbose=1 /subdirectories c:\folder\*.* /grant=Current user=F

Look up the MAC address on a remote computer with GETMAC

To look up a MAC Address on a remote computer you can use the build in windows tool called GETMAC.

Except from the MAC Address GETMAC can also supply information about network protocols and network adapter.


To get the MAC address of the remote computer PC123456 you simply type the follwing:

getmac /s PC123456

To get full details about adapter name and connection names aswell you simple add the parameter /v.

getmac /s \\PC123456 /v

Full documentation