administrative tools Archives

Winsage

February 24, 2026

Windows 11 Has 4 Powerful Features Most Users Never Turn On (But Should)

Microsoft's Windows 11 includes several built-in features that enhance usability and system management, which can be activated by users: 1. Clipboard History: Allows users to retain multiple copied items and access them with Win + V. To enable, go to Settings > System > Clipboard and toggle on Clipboard history. 2. Snap Layouts: Provides predefined window arrangements for better organization of applications. To ensure it's enabled, go to Settings > System > Multitasking and turn on Snap windows. 3. Show File Extensions: Displays full file names including extensions for better identification of file types. To enable, open File Explorer, select View > Show > File name extensions. 4. Storage Sense: Automates the removal of temporary files and manages storage space. To enable, go to Settings > System > Storage and toggle on Storage Sense. 5. "God Mode": Creates a folder that centralizes access to various administrative tools and settings. To enable, create a new folder on the desktop and rename it to GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}. These features are built into Windows 11 and do not require third-party applications.

Tech Optimizer

February 16, 2026

Researchers Uncover OysterLoader, an Advanced Obfuscated Loader Powering Rhysida Attacks

OysterLoader, a sophisticated malware loader also known as Broomstick and CleanUp, has emerged as a significant threat since mid-2024. It is a multi-stage downloader linked to ransomware attacks and data theft, particularly associated with the Rhysida ransomware group. Written in C++, it infiltrates systems through malicious websites that impersonate legitimate software download platforms, tricking victims into executing a signed Microsoft Installer (MSI) that launches the malware. OysterLoader employs a four-stage infection chain designed to evade detection. The first stage uses a packer named TextShell to load hidden code into memory, creating an illusion of legitimacy through harmless Windows API calls. The second stage decompresses a concealed payload using a modified LZMA algorithm. The third stage functions as a downloader and environment tester, establishing contact with its command-and-control (C2) server via HTTPS. In the final stage, OysterLoader installs a malicious DLL that executes every 13 minutes through the Windows Task Scheduler, communicating with multiple hardcoded servers and transmitting critical system information. The malware uses customized Base64 encoding and variable communication endpoints to evade detection. Its primary objective is to ensure persistence and facilitate the delivery of additional payloads, including ransomware and credential stealers. Security analysts predict that OysterLoader will remain a formidable threat through 2026, particularly for organizations downloading administrative tools from unverified sources. Indicators of Compromise (IOC): - Mutex: h6p#dx!&fse?%AS! - Task: COPYING3 (rundll32 DllRegisterServer) - C2 Domain: grandideapay[.]com/api/v2/facade - RC4 Key: vpjNm4FDCr82AtUfhe39EG5JLwuZszKPyTcXWVMHYnRgBkSQqxzBfb6m75HZV3UyRY8vPxDna4WC2KMAgJjQqukrFdELXeGNSws9SBFXnYJ6ExMyu97KCebD5mTwaUj42NPAvHdkGhVtczWgfrZ3sLyRZg4HuX97AnQtK8xvpLU2CWDhVq5PEfjTNz36wdFasecBrkGSDApf83d6NMyaJCsvcRBq9ZYKthjuw5S27EVzWrPHgkmUxFL4bQSgMa4F - IP: 85.239.53.66

Winsage

January 21, 2026

Copilot AI: What You’re Missing on Windows 10 PCs — Virtualization Review

Microsoft's Copilot AI experience differs significantly between Windows 11 and Windows 10. On Windows 11, Copilot is integrated at the system level, allowing it to perform tasks such as opening specific Settings pages, toggling system settings, launching built-in applications, and providing contextual guidance with UI navigation. In contrast, Windows 10 users can only access Copilot through browser-based interfaces, limiting its functionality to providing written instructions without the ability to execute actions or interact with local system features. Copilot on Windows 10 lacks awareness of the operating system and cannot manage system configurations or settings directly, while Windows 11 allows for direct interaction with cloud-managed settings.

Winsage

January 19, 2026

Windows 11 Pro Upgrade Gains And Limits Revealed

Upgrading from Windows 11 Home to Pro does not significantly change the day-to-day experience, as both editions share a similar interface, performance, and core features like Copilot, File Explorer tabs, and enhanced Game Mode. Security features, including Secure Boot and Windows Defender, are consistent across both editions. The Pro edition offers additional administrative tools for enhanced security, remote access, and device management, making it suitable for users managing multiple PCs or needing corporate resource access. Key features of Pro include the ability to join Active Directory domains, centralized control over settings, full BitLocker capabilities, Remote Desktop hosting, and virtualization tools like Hyper-V and Windows Sandbox. Pro also supports higher hardware limits, accommodating up to 2TB of RAM and multiple CPU sockets. The pricing for Windows 11 Home is typically 9.99, while Pro is 9.99, with an upgrade fee of .99 from Home to Pro. Upgrading from eligible Windows 10 devices does not incur additional costs. Users who should consider upgrading to Pro include those managing multiple PCs, requiring Remote Desktop, or needing to comply with encryption policies. In contrast, gamers or casual users may find Home sufficient, as both editions provide the same gaming capabilities and interface without performance differences.

Tech Optimizer

November 13, 2025

Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have discovered an attack campaign that uses legitimate Remote Monitoring and Management (RMM) tools, specifically LogMeIn Resolve and PDQ Connect, to deploy backdoor malware on users' systems. Attackers lure victims to fake download sites that mimic legitimate software pages for utilities like Notepad++, 7-Zip, and VLC Media Player, delivering modified versions of LogMeIn Resolve. The malicious installers are disguised with filenames such as "notepad++.exe" and "chatgpt.exe." Once executed, these files install the RMM tool and additional malware capable of stealing sensitive information. ASEC has identified three CompanyId values associated with the attacks: 8347338797131280000, 1995653637248070000, and 4586548334491120000. The malware, known as PatoRAT, is a Delphi-developed backdoor that gathers system information and has extensive malicious capabilities, including keylogging and remote desktop access. Users are advised to download software only from official websites and verify digital signatures, while organizations should monitor for unauthorized RMM installations and the identified indicators of compromise.

AppWizard

October 18, 2025

How to Get Barrier Blocks in Minecraft

Barrier blocks are invisible structures in Minecraft that serve as solid barriers, primarily used in Creative mode for various purposes such as crafting adventure maps and preventing griefing. They cannot be crafted or mined and are obtained through command inputs. In Java Edition, players use the command PLACEHOLDER1144f3dc39f3cb4e to get barrier blocks, while in Bedrock Edition, the command is PLACEHOLDERe962a8294e1767cd. Barrier blocks are unbreakable and not usable in Survival mode. They show a red "no entry" symbol when held and can be placed to create invisible boundaries or conceal world limits. Best practices include documenting placements and using them to enhance gameplay experiences.

Winsage

August 10, 2025

Windows UAC Bypassed via Character Editor, Allowing Local Privilege Escalation

A cybersecurity researcher, Matan Bahar, has developed a method to bypass User Account Control (UAC) in Windows using the Private Character Editor (eudcedit.exe), which is located in C:WindowsSystem32. This utility, intended for creating user-defined characters, can be manipulated to grant attackers elevated privileges without user consent. The exploit takes advantage of the application manifest configuration of eudcedit.exe, which includes directives that allow the program to run with full administrative rights and enables an elevated PowerShell session. This method poses a significant security risk as it exploits a trusted Windows utility, highlighting vulnerabilities in Windows security architecture. Security professionals are advised to monitor unusual execution patterns related to eudcedit.exe and reconsider UAC configuration policies to mitigate such risks.

Winsage

July 14, 2025

Windows 11 preview adds “quick machine recovery” for automatic PC repairs

Microsoft is enhancing Windows 11 with a feature called Quick Machine Recovery (QMR), currently in preview builds, designed to address boot failures. QMR uses the Windows Recovery Environment (WinRE) to automatically connect to the internet and Microsoft’s servers for solutions during repeated boot failures. It was developed in response to a mid-2024 incident where a security update caused widespread outages. QMR introduces two modes: cloud remediation, which searches for fixes via Windows Update, and auto remediation, which continuously checks for and applies fixes automatically. Control over QMR varies by Windows edition, with Home users having it enabled by default and Pro and Enterprise users able to configure it. QMR is currently available to Windows Insider Program participants and is expected to be included in the Windows 11 25H2 update in late 2025.

Winsage

March 26, 2025

Hackers Exploit Windows MMC Zero-Day Vulnerability to Execute Malicious Code

Russian threat actors are exploiting a zero-day vulnerability in the Microsoft Management Console (MMC), identified as CVE-2025-26633, allowing them to bypass security features and execute harmful code. The hacking group Water Gamayun, also known as EncryptHub and Larva-208, is behind this campaign, using a weaponized version of the vulnerability called “MSC EvilTwin” to deploy various malicious payloads, including information stealers and backdoors. The vulnerability affects multiple Windows versions, particularly older systems like Windows Server 2016. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-26633 to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch affected systems by April 1, 2025. Microsoft included this vulnerability in its March 2025 Patch Tuesday update. Recommended mitigations include applying security patches, restricting network access to MMC ports, and monitoring for unusual MMC activity.

Winsage

February 18, 2025

100+ run commands that can help you work efficiently on Windows

Windows 11 and 10 provide run commands that streamline workflow by allowing quick access to various system tools, applications, settings, and diagnostic features. Administrative Tools: - compmgmt.msc: Opens Computer Management. - devmgmt.msc: Launches Device Manager. - diskmgmt.msc: Opens Disk Management. - services.msc: Manages background services. - eventvwr.msc: Opens Event Viewer. - secpol.msc: Opens Local Security Policy. - regedit: Opens Registry Editor. - taskschd.msc: Opens Task Scheduler. - gpedit.msc: Opens Group Policy Editor (Pro & Enterprise). System Diagnostics and Troubleshooting: - msinfo32: Opens System Information. - dxdiag: Launches DirectX Diagnostic Tool. - verifier: Opens Driver Verifier Manager. - resmon: Opens Resource Monitor. - perfmon: Opens Performance Monitor. - mdsched: Runs Windows Memory Diagnostic. - msdt: Opens Microsoft Support Diagnostic Tool. - dism /online /cleanup-image /restorehealth: Repairs Windows image. - sfc /scannow: Scans and repairs system files. - chkdsk: Runs Check Disk. - winver: Checks Windows version. - cleanmgr: Opens Disk Cleanup. File and Storage Management: - cleanmgr: Launches Disk Cleanup. - dfrgui: Opens Disk Defragmenter. - chkdsk: Checks and repairs disk errors. - diskpart: Opens Disk Partition utility. - onedrive: Opens OneDrive folder. - shell:AppsFolder: Opens all apps folder. - wab: Opens Windows contacts folder. - explorer: Opens File Explorer. - recent: Opens recent files and folders. - documents: Opens Documents folder. - downloads: Opens Downloads folder. - favorites: Opens Favorites folder. - pictures: Opens Pictures folder. - videos: Opens Videos folder. - %AppData%: Opens App Data folder. - debug: Accesses Debug folder. - backup: Opens backup folder. - %systemdrive%: Opens system drive. Security and Maintenance: - firewall.cpl: Opens Windows Defender Firewall. - wf.msc: Launches Firewall with advanced security. - ms-settings:windowsdefender: Opens Windows Security. - sigverif: Verifies file signatures. - verifier: Checks driver integrity. - msconfig: Opens System Configuration. - sfc /scannow: Runs system file checker. - dism /online /cleanup-image /restorehealth: Repairs Windows image. Launching Apps: - notepad: Opens Notepad. - calc: Launches Calculator. - snippingtool: Opens Snipping Tool. - mspaint: Opens Microsoft Paint. - winword: Starts Microsoft Word. - excel: Opens Microsoft Excel. - chrome: Launches Google Chrome. - msedge: Opens Microsoft Edge. - control: Opens Control Panel. - explorer: Opens File Explorer. - powerpnt: Opens Microsoft PowerPoint. - firefox: Opens Mozilla Firefox. - wmplayer: Opens Windows Media Player. - msra: Opens Windows Remote Assistance. - outlook: Opens Microsoft Outlook. Navigating Settings: - ms-settings: Opens main Settings app. - ms-settings:network: Opens network & internet settings. - ms-settings:display: Opens display settings. - ms-settings:personalization: Opens personalization settings. - ms-settings:windowsupdate: Opens Windows Update settings. - ms-settings:privacy: Opens Privacy settings. - ms-settings:bluetooth: Opens Bluetooth settings. - ms-settings:devices: Opens Devices settings. - ms-settings:system: Opens System settings. - ms-settings:accounts: Opens Accounts settings. - ms-settings:timeandlanguage: Opens Time & Language settings. - ms-settings:gaming: Opens Gaming settings. - ms-settings:region: Opens Region settings. - ms-settings:optionalfeatures: Opens Optional Features settings. - ms-settings:storage: Opens Storage settings. - ms-settings:notifications: Opens Notifications settings. - ms-settings:taskbar: Opens Taskbar settings. - ms-settings:start: Opens Start Menu settings. - ms-settings:lockscreen: Opens Lock Screen settings. Network and Connectivity: - ncpa.cpl: Opens Network Connections. - ipconfig: Displays IP configuration. - ping: Tests network connectivity. - control netconnections: Opens Network and Sharing Center. - ms-settings:network-wifi: Opens Wi-Fi settings. - ms-settings:datausage: View data usage. - ms-settings:network-vpn: Manage VPN. - ms-settings:network-proxy: Configures proxy settings. Display and Appearance: - desk.cpl: Opens Display Settings. - control color: Customizes window colors. - dpiscaling: Opens display scaling settings. - ms-settings:personalization: Opens Personalization settings. - ms-settings:themes: Changes desktop themes. - ms-settings:display-advanced: Adjusts advanced display settings. Accessibility: - magnify: Opens Magnifier. - narrator: Launches Narrator. - osk: Opens on-screen keyboard. - utilman: Opens Ease of Access Center. - ms-settings:easeofaccess-display: Opens display accessibility settings. - ms-settings:easeofaccess-cursor: Opens cursor accessibility settings. - ms-settings:easeofaccess-mouse: Opens mouse accessibility settings. - ms-settings:easeofaccess-keyboard: Opens keyboard accessibility settings. - ms-settings:easeofaccess-narrator: Opens narrator accessibility settings. - ms-settings:easeofaccess-magnifier: Opens magnifier accessibility settings. - ms-settings:easeofaccess-colorfilter: Opens color filter accessibility settings. - ms-settings:easeofaccess-highcontrast: Opens high contrast accessibility settings. - ms-settings:easeofaccess-closedcaptioning: Opens closed captioning accessibility settings. - ms-settings:easeofaccess-audio: Opens audio accessibility settings. - ms-settings:easeofaccess-eyecontrol: Opens eye control accessibility settings. - ms-settings:easeofaccess-mousepointer: Opens mouse pointer accessibility settings. Power Management: - powercfg.cpl: Opens Power Options. - ms-settings:powersleep: Adjusts power and sleep settings. - powercfg /batteryreport: Generates a battery report. - powercfg /energy: Creates an energy efficiency report. - powercfg /hibernate: Enables or disables hibernation. - powercfg /deviceenablewake: Enables a device to wake the computer. - powercfg /devicedisablewake: Disables a device from waking the computer.