Tag: Windows 10

Sage Antivirus Exclusions – Powershell Script for Windows Defender

Sage Antivirus Exclusions – Powershell Script for Windows Defender

Sage Company Logo

What does this Powershell Script do?

This is a simple Powershell Script to automate the process of adding Exclusions for Sage Accounts into Windows Defender

It will carry out the File and Folder exclusions listed in the following Sage Article:
https://my.sage.co.uk/public/help/askarticle.aspx?articleid=12122

It Will NOT add the URL Exclusions.

The Script has been tested on the following Operating Systems:

Windows 10 32-Bit
Windows 10 64-Bit

The Script:

Download: Sage-Exclusions-Windows-Defender

Remember to run the Script as an Administrator.


Write-Host "Adding Sage Anti-Virus Exclusions" -ForegroundColor Green
Write-Host "Excluding Data Files Extensions" -ForegroundColor Yellow
Add-MpPreference -ExclusionExtension DTA, DTH, COA, S50
Write-Host "Excluding Report and Layout File Extensions" -ForegroundColor Yellow
Add-MpPreference -ExclusionExtension SRT, SLY, SLT, SLB, RPT
Write-Host "Excluding Sage Account File Extensions" -ForegroundColor Yellow
Add-MpPreference -ExclusionExtension report, layout, letter, label
Write-Host "Excluding Memo Files" -ForegroundColor Yellow
Add-MpPreference -ExclusionExtension SLM, PLM, NLM, ILM, BLM, CLM, DLM
Write-Host "Excluding Critera Files" -ForegroundColor Yellow
Add-MpPreference -ExclusionExtension SLC, SLI, PRC, PRO, NMC, NMI, BKC, BKI, SKI, IVC, IVI, SPC, SPI, PCC, PPI, PCI, REC, REI, SAC, SAI, IPC, IPI, PDC, PDI
Write-Host "Excluding Folders used by Sage Accounts (32-Bit and 64-Bit)" -ForegroundColor Yellow
Add-MpPreference -ExclusionPath "C:\Program Files\Common Files\Sage SBD"
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Common Files\Sage SBD"
Add-MpPreference -ExclusionPath "C:\Program Files\Common Files\Sage Line50"
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Common Files\Sage Line50"
Add-MpPreference -ExclusionPath "C:\Program Files\Common Files\Sage Report Designer 2007"
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Common Files\Sage Report Designer 2007"
Add-MpPreference -ExclusionPath "C:\Program Files\Common Files\Sage Shared"
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Common Files\Sage Shared"
Add-MpPreference -ExclusionPath "C:\Program Files\Sage EBanking"
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Sage EBanking"
Add-MpPreference -ExclusionPath "C:\Program Files\Sage"
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\Sage"
Add-MpPreference -ExclusionPath "C:\ProgramData\Sage"
Write-Host "Script Complete" -ForegroundColor Green

For large organisations using Sage it is suggested that you configure the exclusions either via your Anti-Virus Management Console or via GPO.

How to completely remove Sage Accounts (V18 to V24) via Powershell

How to completely remove Sage Accounts (V18 to V24) via Powershell

Sage Accounts Company Logo

What is this:?

This is a Powershell Script to automate the removal of Sage Accounts version 18 to version 24 from a PC.

The script accomplishes the steps in Sage Article 31544:
https://my.sage.co.uk/public/help/askarticle.aspx?articleid=31544

Steps carried out to remove Sage Accounts:

Removes DSN and ODBC data sources

Deletes the following shared folders:
C:\Program Files\Common Files\Sage SBD
C:\Program Files\Common Files\Sage Line50
C:\Program Files\Common Files\Sage Report Designer 2007
C:\Program Files\Common Files\Sage Shared
C:\Program Files\Sage EBanking

Delete shared Sage files GAC, GAC_32 and GAC_MSIL

Deletes Sage files in the following locations:
C:\Windows\System32
C:\Windows\SYSWOW64\

Deletes the C:\ProgramData/Sage/Accounts Folder

Important Notes:

1) You must run the script as an Administrator

2) You must ensure that the correct execution policy is enabled on the PC

3) Do NOT use this script on a PC which has other Sage software installed on it (Payroll / ACT / Job Costing etc). If you do, it will likely break them and possibly cause data loss.

4) If the Sage Accounts or Payroll Company Data located on the machine that you MUST take a backup prior to running the script.

5) As per the above, this script removes the Sage Company Data located in C:\ProgramData\Sage\Accounts

6) You may see some error when it’s trying to remove some of the Sage software. This is due to the main Sage uninstaller removing the other installed (I.E. Sage Data Service). Sometimes however the main installer doesn’t work hence leaving this in the script.

7) The script will NOT remove .NET

8) It’s suggested that you read the script before blindly running it

9) I take no liability for any Damage caused from the use of this script. It is supplied as is. I’m not a scripting expert, I’ve just thrown it together. I’m sure there are better ways to do this.

10) Any suggested changes to the script are welcome. Feel free to drop me a comment with your suggestions.

Tested on the following Operating Systems:

Windows 10 64-Bit
Windows 10 32-Bit

The Sage Removal Script:

Download here:
Sage-Removal (V18 to V24)

$message = 'We recommend that you take a backup before running this script, it will delete ALL Sage files, INCLUDING Company Data'
$question = 'Are you sure you want to proceed?'
$choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription]
$choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes'))
$choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No'))
$decision = $Host.UI.PromptForChoice($message, $question, $choices, 1)
if ($decision -eq 0) {
Write-Host 'confirmed'
} else {
Write-Host 'Uninstallation Cancelled'
exit
}
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "Stopping Sage Services"
Stop-Service *Sage*
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "Removing System DSNs"
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v18"
Remove-OdbcDsn -Name "SageLine50v18" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v19"
Remove-OdbcDsn -Name "SageLine50v19" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v20"
Remove-OdbcDsn -Name "SageLine50v20" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v21"
Remove-OdbcDsn -Name "SageLine50v21" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v22"
Remove-OdbcDsn -Name "SageLine50v22" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v23"
Remove-OdbcDsn -Name "SageLine50v23" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 64-Bit SageLine50v24"
Remove-OdbcDsn -Name "SageLine50v24" -DsnType "System" -Platform 64-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "All 64-Bit ODBC Entries have been removed"
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v18"
Remove-OdbcDsn -Name "SageLine50v18" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v19"
Remove-OdbcDsn -Name "SageLine50v19" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v20"
Remove-OdbcDsn -Name "SageLine50v20" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v21"
Remove-OdbcDsn -Name "SageLine50v21" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v22"
Remove-OdbcDsn -Name "SageLine50v22" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v23"
Remove-OdbcDsn -Name "SageLine50v23" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Checking for and removing; OBDC 32-Bit SageLine50v24"
Remove-OdbcDsn -Name "SageLine50v24" -DsnType "System" -Platform 32-bit -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "All 32-Bit ODBC Entries have been removed"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
#
#
#### Uninstall Sage Accounts Program #####
#
#
#
Write-Host "Uninstalling Sage Software with their uninstallers"
$app = Get-WmiObject -Class Win32_Product | Where-Object {$_.Vendor -Like "Sage (UK) Ltd"}
$Name = $app.name
foreach ($a in $app){$app.Uninstall()
Write-Host "Uninstalling $a.Name"
}
#
#
#
#### Remove Sage Program Files and content #####
#
#
Write-Host "Removing Files from C:\Program Files"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Remove-Item "C:\Program Files\Sage\Accounts" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files (x86)\Sage\Accounts" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files\Common Files\Sage SBD" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files\Common Files\Sage Line50" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files\Common Files\Sage Report Designer 2007" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files\Common Files\Sage Shared" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files\Sage EBanking" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Remove-Item "C:\Program Files (x86)\Sage\Assemblies" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
#
#
##### Get a list of Sage DLL Files from GAC and Uninstall with Regsvr32 #####
#
#
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "Removeing Files in GAC"
Get-ChildItem -Path C:\Windows\Assembly\GAC -Recurse -Include Sage* -ErrorAction SilentlyContinue | foreach ($_) {Remove-Item $_.FullName -Recurse -Confirm:$true}
Get-ChildItem -Path C:\Windows\Assembly\GAC_32 -Recurse -Include Sage* -ErrorAction SilentlyContinue | foreach ($_) {Remove-Item $_.FullName -Recurse -Confirm:$true}
Get-ChildItem -Path C:\Windows\Assembly\GAC_MSIL -Recurse -Include Sage* -ErrorAction SilentlyContinue | foreach ($_) {Remove-Item $_.FullName -Recurse -Confirm:$true}
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
#
#
##### Delete Sage DLL's from SYSWOW64 (64-Bit) #####
#
#
Write-Host "Removing files from SYSWOW64"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Get-ChildItem -Path C:\Windows\SysWOW64\ -Recurse -Include sdoEng*.*, S23DBC32.dll, sg50SdoEngine230.dll, S22DBC32.dll, sg50SdoEngine220.dll, S21DBC32.dll, sg50SdoEngine210.dll, S20DBC32.dll, sg50SdoEngine200.dll, S19DBC32.dll, sg50SdoEngine190.dll, S18DBC32.dll, sg50SdoEngine180.dll, S17DBC32.dll, sg50sdoengine170.dll -ErrorAction SilentlyContinue | foreach ($_) {Remove-item $_.FullName} -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
#
#
##### Delete Sage Dll's from System32 (32-Bit) #####
#
#
Write-Host "Removing Files from System32"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Get-ChildItem -Path "C:\Windows\System32\" -Include sdoEng*.*, S23DBC32.dll, sg50SdoEngine230.dll, S22DBC32.dll, sg50SdoEngine220.dll, S21DBC32.dll, sg50SdoEngine210.dll, S20DBC32.dll, sg50SdoEngine200.dll, S19DBC32.dll, sg50SdoEngine190.dll, S18DBC32.dll, sg50SdoEngine180.dll, S17DBC32.dll, sg50sdoengine170.dll, S24DBC32.DLL -ErrorAction SilentlyContinue | foreach ($_) {Remove-item $_.FullName} -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
#
#
##### Delete other Sage files and DLL's from System32 #####
#
#
Write-Host "Removing more files from System32"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Get-ChildItem -Path "C:\Windows\System32\" -Include RepDes32.exe, repdes.cnt, SageBankBalances.tlb, SageBankPayments.tlb, SageBankReconciliation.tlb, SageEventHandler.Config, SageEventHandler.exe, SageFolderBrowser.dll, SG3D32.DLL, sg50Ps32.dll, SGAPPBAR.DLL, SGCDLG32.DLL, SGCOM32.DLL, SGCtrlEx.dll, SGDT32.DLL, SgESchema.xsd, SGHELP32.DLL, SgHmZLib.dll, SGINTL32.DLL, SGJPEG32.dll, SGLCH32.DLL, SGLCH32.USR, SGLIST32.DLL, SGLOGO32.DLL, SGOEdit.ocx, SGOList.ocx, SGOPopDg.dll, sgopopup.ocx, SGOSize.ocx, SGOTBar.ocx, SGRegister.dll, SGRegister.tlb, SGRep32.dll, SGSchemeDefault.dll, SGSchemeManager.dll, SGSchemeXml.dll, SGSchemeXP.dll, SGSTAT32.DLL, SGSTDREG.dll, SGStdReg.tlb, SGTBAR32.DLL, SGTOOL32.DLL, SGWebBrowser.dll -ErrorAction SilentlyContinue | foreach ($_) {Remove-item $_.FullName} -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
#
#
##### Delete other Sage files and DLL's from SYSWOW64 #####
#
#
#
#get-childitem 'C:\My Web Sites\' -recurse -Include Pass* | foreach ($_) {Remove-item $_.Attributes.Equals(Sage*)}
Write-Host "Removing User Temp Files"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Remove-Item "C:\Users\$env:Username\AppData\Local\Temp" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "Removing Program Data Files"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Remove-Item "C:\ProgramData\Sage" -Force -Recurse -ErrorAction SilentlyContinue | Out-File .\Sage-Removal.txt -Append
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "Sage has been uninstalled"
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "Removing Sage Installer from Package Cache location"
$Uni = Get-ChildItem -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall |
Get-ItemProperty |
Where-Object {$_.DisplayName -match "Sage 50 Accounts" } |
Select-Object -Property DisplayName, UninstallString
ForEach ($ver in $Uni) {
If ($Uni.UninstallString) {
$uninst = $ver.UninstallString
Start-Process cmd -ArgumentList "/c $uninst /quiet /norestart" -NoNewWindow
}
}
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "....."
Write-Host "Please now manually check Programs and Features in Control Panel and remove any leftover installers"

Products from Amazon.co.uk

Avoid getting infected by threats like ‘WannaCry/WCry’ – Ransomware

Avoid getting infected by threats like ‘WannaCry/WCry’ – Ransomware

I’ve been asked about the WannaCry Ransomware a few times over the last few days. My top tips on how to avoid becoming a victim to these kinds of threats are below:

Keep your Systems up-to-date.

Windows updates can be irritating. We’ve all been there when we’re ready to go home and we’re waiting for Windows update to finish installing before the PC is shutdown. However, in the case of ‘WannaCry’ ransomware, the infections could have been avoided by the Microsoft Fix being installed. The Fix itself was released months ago, with Microsoft Updates turned on there is a vastly reduced chance of you getting this kind of infection that tried to access your machine via known Vulnerabilities in Microsofts software.

Use a supported Operating System.

The support for older versions of Microsofts Operating Systems like Windows XP ended ages ago. Microsoft were under no obligation to release a fix for the SMB issue that the ‘WannaCry’ infection exploited. Users on the latest Windows 10 operating System were immune to this issue as the auto updates would have patched the vulnerability when it was released. Refer back to item number 1.

Get yourself a decent Anti-Virus.

There are far too many people out there who run their Systems with either no Anti-Virus or a poor performing free Anti-Virus. With a paid Anti-Virus you’re in safer hands.

Personally, I recommend ESET Anti-Virus. I’ve used it for many years and have it on both my Home and Work Operating Systems. It’s low on Resource consummation and has an excellent virus detection rate. Those users who already have ESET will have been immune to the ‘WannaCry’ infection as ESET can detect and stop it. The same is said for many of the other varients of Ransomware

A Link is for ESET can be found at the bottom of this page.

Email – Be cautious, if in doubt don’t open them.

Email is possibly the biggest method in which machines are infected with viruses and malware. This means that if the users are more cautious and aware then there is less risk of being infected. Scammers are getting very smart in their methods of making an email look like it has come from a legitimate source when it hasn’t. I strongly suggest that you take care when going through your emails. If you don’t think the sender is legitimate then check with them before opening it. If you can’t contact them directly, delete the email. Better safe than sorry.

Going even further than this, if you’re a company you should have some kind of Email Filtering in place. Yes, it does cost a little bit of money but probably nothing in comparison to getting an infection and losing your data!

If it’s important to you – Have a BACKUP!

Despite having all of the above in place, there is still a chance of being infected by something that you can’t remove without having to reinstall you PC. In the event of this, it’s always best to have a backup! Anything that you have that you cannot do without you’ll want to backup. Backup to multiple locations and backup often.


728x90 ESET for Windows, 30 Days Free

Unable to update Windows 10 with DESlock+ Full Disk Encryption (FDE) enabled

Unable to update Windows 10 with DESlock+ Full Disk Encryption (FDE) enabled

Problem:

Unable to install the latest build of Windows 10 when DESlock+ Full Disk Encryption (FDE) is enabled on the System Disk.

When installing it brings up an error stating:
Disable encryption to continue or run windows setup with the /reflectdrivers command-line option

Background:

As Security is a big portion of what I do, I have both my Work and Home Windows 10 machines Encrypted with FDE. Its definitely overkill for my home PC but it serves a purpose on my work machine. I can sleep happily knowing that if the machine is ever stolen – They’re not getting to my data. It’s probably also worth mentioning that I recommend having FDE in place for businesses.

Resolution:

I used the following article to get round it:
https://support.deslock.com/index.php?/Default/Knowledgebase/Article/View/379

You need to Download the Media Creation tool, save an ISO and then install the DESlock+Win10Update utility:
https://support.deslock.com/resources/KB379/DESlock+Win10Updater.exe
DESlock+ Win10Update utility
When the Utility Runs, you need to point it at the mounted Win10 ISO. It will then complete the upgrade as normal.