Software - FastStone Capture #Screenshots tool

There is an interesting tool that works fine taking desktop screenshots (a.e. using keyboard combinations)

Normally I utilize 5.3 version picking up only .exe file (taken after a software fresh installation).

Furthermore I am coping, previously .exe file, on any other pcs where screenshots are necessary to be taken.

FastStone Capture 5.3

Here they are older versions links:

P.S. I knew this tool during my pharmaceutical working experiences and it was a nice discovery, indispensable for GMP Validations and any other importants IT activities

[update 2022-07-18]

I would like to highlight, that licensed software (20$) version permits to acquire/record audio/video easily (with good compression quality)

DNS - Security

Some services can also block access to phishing or infected sites, and a few offer content filtering to keep your kids away from the worst of the web.


Primary, secondary DNS servers: and

With filtering or pre-configured protection, you can safeguard your family against adult content and more. It’s the easiest way to add parental and content filtering controls to every device in your home.


Primary, secondary DNS servers: and

Privacy is another major highlight. Cloudflare doesn't just promise that it won't use your browsing data to serve ads; it commits that it will never write the querying IP address (yours) to disk. Any logs that do exist will be deleted within 24 hours. And these claims aren't just reassuring words on a website. Cloudflare has retained KPMG to audit its practices annually and produce a public report to confirm the company is delivering on its promises

Google Public DNS
Primary, secondary DNS servers: and



DNS Jumper is a portable freeware tool which tests multiple public DNS services to find out which delivers the best performance for you.

The program has a lot of options, but isn't difficult to use. Launch it, click Fastest DNS > Start DNS Test, and within a few seconds you'll be looking at a list of DNS services sorted by speed.

DNSPerf tests multiple DNS services every minute from 200+ locations around the world and makes the results freely available on its own website

[original Article]

Microsoft 365 - Apps activation on shared computer

About environments accessed by multiple users you can keep in mind below Microsoft article.

Be aware that shared computer activation is required for scenarios where multiple users share the same computer and the users are logging in with their own account. 

Infact, normally, users can install and activate Microsoft 365 Apps only on a limited number of devices, such as 5 PCs.

To enable Shared computer activation you should have Office 365 E3, E5 or business premium.

If you want to enable shared computer activation during the initial installation of Microsoft 365 Apps, you can instruct the Office Deployment Tool to do so during installation.

In case you already installed Miscrosoft 365 Apps there are 3 method to change activation ways (GPO, Register modify or download Microsoft Support and Recovery assistant)

more details can be found here:

In case you want to verify type of Microsoft 365 Apps activation are in plase you can review below article:

Licensing token renewal The licensing token that is stored on the shared computer is valid only for 30 days. As the expiration date for the licensing token nears, Microsoft 365 Apps automatically attempts to renew the licensing token when the user is logged on to the computer and using Microsoft 365 Apps.

Activation limits Normally, users can install and activate Microsoft 365 Apps only on a limited number of devices, such as 5 PCs. Using Microsoft 365 Apps with shared computer activation enabled doesn't count against that limit.

Licensing token roaming Starting with Version 1704 of Microsoft 365 Apps, you can configure the licensing token to roam with the user's profile or be located on a shared folder on the network. Previously, the licensing token was always saved to a specific folder on the local computer and was associated with that specific computer. In those cases, if the user signed in to a different computer, the user would be prompted to activate Microsoft 365 Apps on that computer in order to get a new licensing token. The ability to roam the licensing token is especially helpful for non-persistent VDI scenarios.

Security - Exchange Zero Date Vulnerability #CVE-2021-26855

These vulnerabilities permits to access, without any authentication, to all Exchange mailboxes contents.

This is possible on all Exchange servers that are published, on internet, through OWA (attacker need onlty to know user account name)

Afterward attackers created several backdoors, through aspx webshell, creating AD credentials dump. (having horizontal attacks possibility)

There are two scenarios:

  1. Standalone: require single user (SID) (more difficult)
  2. Cluster (DAG) only end user email name is required.

Attack is possibile only if you know server FQDN (but this is easy to be knwon sending an http post call to Exchange Web Services)

Patches are here available: (for Exchange 2010 too)

Other articles:

[original articles]

[update 2021.03.19]

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

[update 2021.03.24]

[update 2021.03.29]

How to Recover Exchange Server after Black KingDom Ransomware Attack?

Ransomware - QNAP affected #eCh0raix #Qlocker

Today I would like to mention Ransomware eCh0raix. 

Qnap devices are affected and need firmware updates.

Old QTS and Photo Station versions are affected.

It should be available on line a decryptor tool too.

Other than firmware upgrade it is highly suggested to use strenght passwords, enablbe NAP (Network Access Procection against brute force attacks, disable SSH and Telnet)

Evaluate Qnap snapshot tool too:

More information are available here:

[update 2021.05.08]

Be aware about qlocker too

[update 2022.05.06]

Here they are mention to AFP protocol, that is vulnerable, on QNAP devices

Server - Active Directory Time syncronization problems

During these years I faced, on server and clients, several authentication problems due to wrong time and date.

Here they are some commands and tips useful for this troubleshottoing purpose:

1. Command useful on DC to see any time differences in place and relative (offset)

w32tm /monitor 

2. Run the following command on the PDC emulator:  

w32tm /config /manualpeerlist:timeserver /syncfromflags:manual /reliable:yes /update

Once done, restart W32Time service.

net stop w32time | net start w32time 

3. Run the following command on all other DCs (that are not PDC):  

w32tm /config /syncfromflags:domhier /update

Once done, restart W32Time service:

net stop w32time | net start w32time 

I have often, in recent years, to solve problems of e-mail or authentication domain generated from misconfigurations time servers. 

4. To check the source time server: 

w32tm /query /status

You can check registry entries if the domain controller is using NTP (should be on PDC) or NT5DS (on non-PDC):
Find the value of Type under 


reg query 

6. re-sync the w32time service using the following command:

w32tm /resync /rediscover

7. Execute the following command to actually perform a time synchronization with the external source

w32tm.exe /config /update

Some articles and tools

port query Tool GUI

Technet - Windows Time Service Tools and Settings

Time Configuration in Active Directory

Configure DC to synchronize time with external NTP server

[update 2021.03.04]

Here they are register keys related to date and time Windows services

Microsoft Registry

SQL - Dbatools SQL Server PowerShell module

Here it is an interesting Tutorial about SQL Server powershell module named Dbatools used primarly about disaster recovery. (it is free

Estensive documentation:

Some videos:

<iframe src="" width="960" height="540" allowFullScreen frameBorder="0" title="How to Automate Disaster Recovery in SQL Server On-Prem - Microsoft Channel 9 Video"></iframe>

Have a look to below screenshots: