Archived News from Rob van der Woude's Scripting Pages, 2016 Q2

• RepeatEvery.bat is a new batch file which repeats a command forever, with a specified interval, until any key is pressed.

The second public beta version of WMIGen.exe (compiled executable) has been released.
The time-limit has been changed from a week to a month, i.e. this one won't expire before July 20, by which time a new beta (or maybe even final) release will be available.
Windows 10's Windows Defender seems to mark the first beta as malware. Because I expect to release several more beta releases, with relatively short intervals in between, I will not submit the beta releases to Microsoft's false positives list.

Today the first public beta version of the completely rewritten WMIGen (compiled executable version, written in C#, instead of HTA) has been released.
I regularly used the HTA myself, and I got fed up with its poor performance, especially on older hardware (i.e. my ASUS EEE-PC NetBook); add to that Visual Studio's excellent IDE which makes writing and debugging code so much easier, and you may understand why I opted for a compiled executable.

• Error handling in the updated CloneDate.exe, LoCase.exe and UpCase.exe has been improved: instead of aborting on the first file error, they will now catch and report any file error and then continue with the next file.

• Today I received messages telling me that a modified version of my VBScript download script is being abused by criminals to download and run malware on unsuspecting recipients' computers.
The information on my site is available for everyone, unfortunately I have no way to block bad guys from abusing it.
There are however some things that you as recipients can do:

The most important one: use common sense; why would anyone you don't know send you e-mails with ZIPped attachments?
Consider using filter rules to block e-mails with ZIPped attachements. I know Mozilla Thunderbird has excellent filtering features; check your own e-mail software's manual, or built-in or online help, to find out if it supports filtering.
Use up-to-date anti-malware software, keep Windows up-to-date with Windows Update, and keep your browser(s) and its add-ons up-to-date.
This type of malware often drops its executable in the %Temp% directory, so why not block all executables in the %Temp% directory?
Using CryptoPrevent's Advanced Software Restriction Policies is one way to do this, with the advantage that you can temporarily disable this feature quite easily:

And temporarily disabling the restriction(s) will be required quite often, as many legitimate software publishers also use the %Temp% directory for their installers...
Make explorer show extensions for all file types, allowing you to see what type of file is sent.
When you see the file name "contract", it may seem OK at first glance, but when you see the full name "contract.exe"...
For Windows 7: open "Folder Options" in the "Configuration Panel" and uncheck "Hide extensions for known file types".

This is, of course, of no use if you don't have a clue about file types and their extensions, but in that case I doubt you would be visiting this site.
Consider if associating VBScript files with Notepad instead of WScript will be too much of a nuisance for you.
If you do associate ".vbs" with Notepad, you will have to use the command line or shortcuts to run them.
Before changing the file association, check and write down the current association first:

FOR /F "tokens=1* delims==" %A IN ('ASSOC .vbs') DO FTYPE %B

(command line version; use %%A and %%B in batch files)
This will show something like:

D:\>FTYPE VBSFile VBSFile="%SystemRoot%\System32\WScript.exe" "%1" %*

After writing down the old association, change it using the following command:

FOR /F "tokens=1* delims==" %A IN ('ASSOC .vbs') DO FTYPE %B=Notepad "%1"

(command line version; use %%A and %%B in batch files)
Rerun the first command to check the changes. If "1" is shown instead of "%1", rerun the second command using "%%1" instead of "%1".
Next time you doubleclick a VBScript file in explorer it will open in Notepad.

Note that this will only prevent VBScript files from running when doubleclicked, they can still be run using the WSCRIPT or CSCRIPT commands!

An alternative to association with Notepad would be to associate VBScript files with VBSEdit, which would allow you to run the script with just one extra click...

• Who would have guessed that a new book on batch files would see the light in 2016?
Well, Elias Bachaalany recently did write a new book on the subject: Batchography - The Art of Batch Files Programming.
Batch files rule! 🤓

Thanks Elias

• Pict_NT.bat has been updated:

limited support for extended ASCII characters in file names
images that are too wide will be displayed scaled down to window width

• Very interesting development: run Bash on Ubuntu on Windows 10.
Maybe I should upgrade my Windows 7 machines after all...

• An update for NoStartSkype.bat:

the batch file now uses REG.EXE instead of a .reg file to delete the Skype autostart entry from the registry (creating the .reg file in the proper Unicode encoding was prone to failure, depending on the active code page)
the batch file will restart itself with elevated privileges if necessary
the batch file will delete its temporary XML file when done

• I don't use Skype very often, so it really annoyed me when Skype, after every update, reenabled its autostart feature.
That is why I wrote NoStartSkype.bat, a batch file that creates a scheduled task to remove Skype's autostart from the registry at each logon and at each screen lock (a work-around for the limitation that I could not create a scheduled task that would do this at logoff).
Run the batch file once, with elevated privileges, and do not delete (nor move) the .reg file it creates, which is used by the scheduled task.

News Archives 2016 Q2