Managing Microsoft Windows

From Jeremy Bryan Smith

How to manage Microsoft Windows without losing your sanity:

  • FOR THE LOVE OF SANITY, DO NOT INSTALL ON PHYSICAL HARDWARE, only a virtual machine ! ! !
    • Use VirtIO for the disk type
    • Consider using VirtIOFS for sharing data with the host
  • FOR THE LOVE OF SANITY, don't put anything other than the OS on the OS boot drive ! ! !
    • Change the "Program Files" directory to a separate drive/filesystem
    • Change the "ProgramData" directory to a separate drive/filesystem
    • Move the pagefile to a separate drive/filesystem
    • Move the "users" directory to a separate drive/filesystem
  • Whenever possible, install the Server Core / non-Desktop Experience version for a more minimal install
  • Install TightVNC and enable service mode (console access) and regular mode (on port 5901) for desktop session access
  • Install Cygwin with:
  • Install OpenControl Center agent
  • Install Emergency Management Services (EMS) redirection
    bcdedit /ems '{current}' ON
  • Install Recovery Console
  • Install Classic Shell
  • Install Firefox
  • Install Everything Search Engine
  • Put Windows version on desktop
    Registry edit:
    HKEY_CURRENT_USER\Control Panel\Desktop\PaintDesktopVersion
    Set DWORD value 1
  • Install JDiskReport for disk usage analysis
  • Use WSUS Offline Update
    Update Microsoft Windows and Office without an Internet connection
  • Sysinternals tools
    Install in c:\bin and add to system path.
  • Windows Servers Tools (Microsoft Windows Software Development Kit [SDK])

System

  • Secunia PSI - Keeps apps updated, shows you outdated versions and updates available
  • WinCDEmu - Mount ISO files as virtual CD-ROM drives
  • HashTab - Provides file hashes in the file properties dialog

Usability

  • 4t Tray Minimizer - Provides the much-needed winshade functionality to the Windows "window manager"
  • VirtuaWin - Provides virtual desktop capability

Applications

  • WinMerge - Does visual file/folder diffs
  • gVim - Graphical vim for Windows

Malware Detection / Removal

  • RootkitRevealer
  • Junkware Removal Tool
  • ComboFix
  • ClamAV
  • ADWCleaner
  • RKill
  • TDSSKiller
  • Etc from bleepingcomputer.com
  • Microsoft Security Essentials
  • 360 Total Security (various system checks / fixes)


Exchange

MFCMAPI

VNC when not installed

If you have the Cygwin SSH server installed but not TightVNC yet, you can do the following in order to connect to the desktop:

  1. Copy psexec.exe and tvnserver.exe to the server
    scp tvnserver.exe psexec.exe user@server:/cygdrive/c/
  2. SSH to server
    me@desktop$ ssh user@server
  3. Accept psexec EULA
    user@server# /cygdrive/c/psexec.exe -accepteula
  4. Start TightVNC Server on desktop session 1
    user@server# /cygdrive/c/psexec.exe -s -h -i 1 "c:\tvnserver.exe"
  5. In another shell, connect out to remote
    user@server# /cygdrive/c/tvnserver.exe -controlapp -connect jeremybryansmith.com
  6. Shut it down
    user@server# /cygdrive/c/tvnserver.exe -controlapp -shutdown
  7. You may have to force shutdown
    user@server# taskkill /F /IM tvnserver.exe