Category: Tips & Info

Tips & Info Category

10 Windows 7 commands every administrator should know

The command line is often the best place to resolve Windows 7 desktop problems. These basic commands will help speed your troubleshooting tasks.

PC troubleshooting is becoming less common in larger organizations, but consultants and techs in smaller shops still have to get their hands dirty identifying and fixing desktop problems. Oftentimes, troubleshooting Windows 7 means delving into the command line. Here are 10 fundamental Windows 7 commands you might find helpful.

1: System File Checker

Malicious software will often attempt to replace core system files with modified versions in an effort to take control of the system. The System File Checker can be used to verify the integrity of the Windows system files. If any of the files are found to be missing or corrupt, they will be replaced. You can run the System File Checker by using this command:

sfc /scannow

2: File Signature Verification

One way to verify the integrity of a system is to make sure that all the system files are digitally signed. You can accomplish this with the File Signature Verification tool. This tool is launched from the command line but uses a GUI interface. It will tell you which system files are signed and which aren’t. As a rule, all the system files should be digitally signed, although some hardware vendors don’t sign driver files. The command used to launch the File Signature Verification tool is:

sigverif

3: Driverquery

Incorrect device drivers can lead to any number of system problems. If you want to see which drivers are installed on a Windows 7 system, you can do so by running the driverquery tool. This simple command-line tool provides information about each driver that is being used. The command is:

driverquery

If you need a bit more information, you can append the -v switch. Another option is to append the -si switch, which causes the tool to display signature information for the drivers. Here’s how they look:

driverquery -v

driverquery -si

4: Nslookup

The nslookup tool can help you to verify that DNS name resolution is working correctly. When you run nslookup against a host name, the tool will show you how the name was resolved, as well as which DNS server was used during the lookup. This tool can be extremely helpful when troubleshooting problems related to legacy DNS records that still exist but that are no longer correct.

To use this tool, just enter the nslookup command, followed by the name of the host you want to resolve. For example:

nslookup dc1.contoso.com

5: Ping

Ping is probably the simplest of all diagnostic commands. It’s used to verify basic TCP/IP connectivity to a network host. To use it, simply enter the command, followed by the name or IP address of the host you want to test. For example:

ping 192.168.1.1

Keep in mind that this command will work only if Internet Control Message Protocol (ICMP) traffic is allowed to pass between the two machines. If at any point a firewall is blocking ICMP traffic, the ping will fail.

6: Pathping

Ping does a good job of telling you whether two machines can communicate with one another over TCP/IP, but if a ping does fail, you won’t receive any information regarding the nature of the failure. This is where the pathping utility comes in.

Pathping is designed for environments in which one or more routers exist between hosts. It sends a series of packets to each router that’s in the path to the destination host in an effort to determine whether the router is performing slowly or dropping packets. At its simplest, the syntax for pathping is identical to that of the ping command (although there are some optional switches you can use). The command looks like this:

pathping 192.168.1.1

7: Ipconfig

The ipconfig command is used to view or modify a computer’s IP addresses. For example, if you wanted to view a Windows 7 system’s full IP configuration, you could use the following command:

ipconfig /all

Assuming that the system has acquired its IP address from a DHCP server, you can use the ipconfig command to release and then renew the IP address. Doing so involves using the following commands:

ipconfig /release

ipconfig /renew

Another handy thing you can do with ipconfig is flush the DNS resolver cache. This can be helpful when a system is resolving DNS addresses incorrectly. You can flush the DNS cache by using this command:

ipconfig /flushdns

8: Repair-bde

If a drive that is encrypted with BitLocker has problems, you can sometimes recover the data using a utility called repair-bde. To use this command, you will need a destination drive to which the recovered data can be written, as well as your BitLocker recovery key or recovery password. The basic syntax for this command is:

repair-bde <source> <destination> -rk | rp <source>

You must specify the source drive, the destination drive, and either the rk (recovery key) or the rp (recovery password) switch, along with the path to the recovery key or the recovery password. Here are two examples of how to use this utility:

repair-bde c: d: -rk e:\recovery.bek

repair-bde c: d: -rp 111111-111111-111111-111111-111111-111111

9: Tasklist

The tasklist command is designed to provide information about the tasks that are running on a Windows 7 system. At its most basic, you can enter the following command:

tasklist

The tasklist command has numerous optional switches, but there are a couple I want to mention. One is the -m switch, which causes tasklist to display all the DLL modules associated with a task. The other is the -svc switch, which lists the services that support each task. Here’s how they look:

tasklist -m

tasklist -svc

10: Taskkill

The taskkill command terminates a task, either by name (which is referred to as the image name) or by process ID. The syntax for this command is simple. You must follow the taskkill command with -pid (process ID) or -im (image name) and the name or process ID of the task that you want to terminate. Here are two examples of how this command works:

taskkill -pid 4104

taskkill -im iexplore.exe

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

10+ Windows 7 services you may not need

If you evaluate your organization’s need for certain Windows 7 services, you may find that a number of them can be safely disabled.

Every version of Windows has shipped with a core set of system services that must run so that the system can perform basic operations. However, your organization may not necessarily need to have all the services running, and disabling unnecessary services can enhance performance and security. We’ve put together a list of 13 services you can disable on your Windows 7 systems that will probably not negatively affect your business operations at all.

Before you take drastic action, such as disabling a service on every PC in your organization, make sure that the service you’re disabling is not actually in use. This article makes a couple of broad assumptions: that your company doesn’t need to share Windows Media files and doesn’t use Windows 7’s HomeGroup features.

This is not a definitive list of services that can be disabled; these are just some obvious ones. Read carefully and make sure you test changes before deploying them across your organization.

1: IP Helper

Windows description: Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo) and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer. Why this can be disabled:Many organizations haven’t even started testing IPv6, much less fully deployed it. As indicated in the service description, the IP Helper service is leveraged in IPv4-to-IPv6 transitions.

2: Offline Files

Windows description: The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state. Why this can be disabled: If your organization doesn’t use the Offline Files feature found in both Windows client and server products, this service can be safely disabled. Obviously, if you are synchronizing files across the network, you shouldn’t disable this service.

3: Network Access Protection Agent

Windows description: The Network Access Protection (NAP) agent service collects and manages health information for client computers on a network. Information collected by the NAP agent is used to make sure that the client computer has the required software and settings. If a client computer is not compliant with health policy, it can be provided with restricted network access until its configuration is updated. Depending on the configuration of health policy, client computers might be automatically updated so that users quickly regain full network access without having to manually update their computer. Why this can be disabled: If you’re not doing network-based remediation or if you’re doing remediation with a third-party tool that doesn’t leverage the NAP client, this service can be disabled.

4: Parental Controls

Windows description: This service is a stub for Windows Parental Control functionality that existed in Vista. It is provided for backward compatibility only. Why this can be disabled:Corporate networks rarely used Vista’s Parental Control functionality. Further, this is a legacy service from Windows Vista.

5: Smart Card

Windows description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. Why this can be disabled: If your organization does not use smart cards for authentication purposes, you can safely disable this service.

6: Smart Card Removal Policy

Windows description: Allows the system to be configured to lock the user desktop upon smart card removal. Why this can be disabled: If your organization does not use smart cards for authentication purposes, you can safely disable this service.

7: Windows Media Center Receiver Service

Windows description: Windows Media Center Service for TV and FM broadcast reception. Why this can be disabled: In most corporate environments, TV and FM broadcast reception on desktop computers is not considered a “business critical” item that needs support, and it’s often not allowed anyway. You can disable this service to save some resources.

8: Windows Media Center Scheduler Service

Windows description: Starts and stops recording of TV programs within Windows Media Center.Why this can be disabled: Likewise, there’s no need to record TV programs in a corporate environment.

9: Windows Media Player Network Sharing Service

Windows description: Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play. Why this can be disabled: On a corporate network, Windows Media Player doesn’t have nearly the place it might have on a home network. Disabling this service will have no impact on business activities.

10: Fax

Windows description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network. Why this can be disabled: If your organization is not using a network-based faxing service, disabling this service will have no business impact.

11: HomeGroup Listener

Windows description: Makes local computer changes associated with configuration and maintenance of the homegroup-joined computer. If this service is stopped or disabled, your computer will not work properly in a homegroup and your homegroup might not work properly. It is recommended that you keep this service running. Why this can be disabled: It’s highly unlikely that a business organization — except a very small one — is using HomeGroups as a way to share resources on a network. It’s almost always safe to disable this service in a business setting.

12: HomeGroup Provider

Windows description: Performs networking tasks associated with configuration and maintenance of homegroups. If this service is stopped or disabled, your computer will be unable to detect other homegroups and your homegroup might not work properly. It is recommended that you keep this service running. Why this can be disabled: As noted above: Only very small organizations are likely to use HomeGroups to share resources on a network, so it’s almost always safe to disable this service in a business setting.

13: Tablet PC Input Service

Windows description: Enables Tablet PC pen and ink functionality. Why this can be disabled: The vast majority of PCs that are deployed to users do not have hardware that can leverage tablet-like capability. This service simply uses system resources with no possible benefit.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

10 ways to speed up Windows 7

You don’t have to live with a Windows 7 machine that’s becoming unbearably slow. Here are 10 basic steps that will optimize system performance.

With Windows 7, Microsoft did a really good job making the system perform well. However, over time, Windows 7 systems can slow down and need some care and feeding to regain their former glory. Further, some Windows 7 features can be leveraged to improve overall system performance. In this article, we will outline 10 steps you can take to boost the performance of your Windows 7 systems.

1: Disable unnecessary services

Not every system service that is running on a stock Windows 7 machine is necessary. A number of services can either be disabled or modified to run only when needed. Once you make these changes, the service no longer has to consume system resources and the system no longer has to spend time starting the service.

2: Reduce the number of startup items

Windows 7 systems eventually begin to suffer under the weight of software that is installed in the normal course of business. Many software titles install more than is necessary and include helper applications designed solely to make the software start up more quickly or facilitate other communication (e.g., iTunes helper). And new software installations might add a permanent presence to the system tray, even if it’s not absolutely necessary for the system to function (Steam games, for example).

You could go through your system tool by tool and remove the offending software, but you might want to keep the underlying tool around and just prevent the helper from loading. This and more can be accomplished through the use of MSconfig, a tool that has long been a part of Windows. MSconfig allows you to selectively disable startup items and take other steps toward improving overall system performance.

To use MSconfig, go to Start and in the search box, type MSconfig. From the Startup tab (Figure A), you can disable items. Just be careful about what you choose.

Figure A

Disable items to improve overall system performance.

3: Remove the bloatware installed by vendors

Microsoft’s OEMs sometimes actively work against the Redmond behemoth and sully the company’s name. Nowhere is this more evident than in the case of what has become known as “bloatware.” In the never-ending race to the bottom of the PC market, lower cost PCs have had their profit margins bolstered by OEMs through the inclusion of mostly junk software – short-term trials and the like — that does nothing but add a few dollars of profit while bringing performance to a crawl. Frankly, this is one of the reasons that I believe that Microsoft’s Surface announcement, in which Microsoft noted that it would make its own device, is brilliant. The company needs to start with a clean slate in some ways (no pun intended).

If your PC shipped with a bunch of stuff you’ll never use, get rid of that software. Generally, you can go to Start | Control Panel | Programs And Features (Figure B) and remove software you no longer plan to use. If the software adds items to the startup process, getting rid of it will make the PC start faster and, ultimately, perform better overall.

Figure B

Use Programs And Features to remove unwanted software.

4: Keep viruses and spyware off your system

If you’re running Windows, you need to be running an anti-malware program to keep viruses and spyware off your system. Nothing will ruin good performance like a boatload of spyware. Our personal favorite (and free!) tool for combating malware is Microsoft Security Essentials. In my experience, it’s been successful in catching bad stuff while not significantly degrading system performance itself.

5: Check your memory

How much RAM do you have? Is your system consuming all or most of your RAM? Does the system page out to disk? If so, you’re suffering a massive performance hit, which can be solved by adding more memory to your PC.

6: Go solid state

Solid state is all the rage these days, and with good reason. It’s fast! More and more laptops and even desktops are moving to the technology because of the performance benefits. Solid state disks use memory cells from which data can be read very quickly, as opposed to the relatively plodding nature of rotational storage. By moving to SSD, you can give your Windows 7 system renewed life — and give yourself a whole new user experience.

7: Ensure that power settings favor performance

This one is easy! When you’re plugged in, configure Windows 7’s power plans to favor performance over power savings. When you choose to use Windows 7′ high performance power plan, you might increase the computer’s performance in some (but not all) circumstances. It really depends on the kind of work you’re doing and how often you allow the computer to sit idle.

To change power plans, go to Start | Control Panel | Power Options and choose your power plan settings (Figure C).

Figure C

Go to Power Options to choose Windows 7 power plan settings.

8: Keep your system defragmented (unless you’ve followed item 6)

If you’re using a traditional spinning disk in your Windows 7 system, you can keep your system operating at peak efficiency by periodically defragmenting the hard drive. If, however, you’ve opted to go with SSD-based storage, don’t do this. First, you won’t get any performance benefit and second, you’ll significantly reduce the life of that expensive SSD.

Disk defragmentation is scheduled to take place once per week, but you can change this by going to Start | Accessories | System Tools | Disk Defragmenter (Figure D). In addition to changing the schedule, you can run an on-demand defrag from here. You can also run a defrag from the command line instead of from a GUI.

Figure D

You can schedule a defrag in the Disk Defragmenter dialog box.

9: Disable or tune search indexing

Windows 7’s search is good, but it can also affect system performance. If you really need to run a tool at full tilt, you can disable indexing altogether. Or you can tune the indexer to meet your specific needs, possibly reducing its overall impact on system performance.

10: Use ReadyBoost

Perhaps you don’t want to jump into the solid-state game right away but would like some of the benefit that can be had from flash-based storage. Using nothing more than a USB stick, you can do so through a Windows 7 feature known as ReadyBoost. (Note that if you’re already using an SSD as your system drive, ReadyBoost won’t be available, since there would be no performance gain.)

ReadyBoost allows the system to make use of one of these speedy storage devices as a cache, improving overall performance of the system. The flash storage device that you choose to use for ReadyBoost should meet the following specifications set by Microsoft:

Capacity of at least 256 MB, with at least 64 kilobytes (KB) of free space
At least a 2.5 MB/sec throughput for 4-KB random reads
At least a 1.75 MB/sec throughput for 1MB random writes

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

Use Windows 7 Event Viewer to track down issues that cause slower boot times

Here’s how to use some of the new features in Windows 7’s Event Viewer to investigate a slow boot time.

Overview

Windows 7’s Event Viewer includes a new category of event logs called Applications and Services Logs, which includes a whole host of subcategories that track key elements of the operating system. The majority of these subcategories contain an event log type called Operational that is designed to track events that can be used for analyzing and diagnosing problems. (Other event log types that can be found in these subcategories are Admin, Analytic, and Debug; however, describing them is beyond the scope of this article.)

Now, within the operating system section is a subcategory titled Diagnostic-Performance with an Operational log that contains a set of a Task Category called Boot Performance Monitoring. The Event IDs in this category are 100 through 110. By investigating all the Event ID 100 events, you will be able to find out exactly how long it took to boot up your system every time since the day you installed Windows 7. By investigating all the Event ID 101 thru 110 events, you will be able to identify all instances where boot time slowed down.

Getting started

You can find and launch Event Viewer by opening the Control Panel, accessing the System and Security category, selecting the Administrative Tools item, and double-clicking the Event Viewer icon. However, you can also simply click the Start button, type Event in the Start Search box, and press Enter once Event Viewer appears and the top of the results display.

Creating a Custom View

Once you have Event Viewer up and running, you can, of course, drill down through the Applications and Services Logs and locate the Diagnostic-Performance Operational log and begin manually looking through the events recorded in the log. However, you can save yourself time and energy by taking advantage of the new Custom View feature, which is essentially a filter that you can create and save.

To do so, pull down the Action menu and select the Create Custom View command. When you see the Create Custom View dialog box, leave the Logged option set at the default value of Any Time and select all the Event level check boxes. Next, select the By Log option button, if it is not already selected, and click the dropdown arrow. Then, drill down through the tree following the path: Applications and Services Logs | Microsoft | Windows | Diagnostics-Performance. When you open the Diagnostics-Performance branch, select the Operational check box, as shown in Figure A.

Figure A

When you get to the Diagnostics-Performance branch, select the Operational check box.

To continue, type 100 in the Includes/Excludes Event IDs box, as shown in Figure B, and then click OK.

Figure B

Event ID 100 records how long it takes to boot up your system.

When you see the Save Filter to Custom View dialog box, enter a name, as shown in Figure C, and click OK.

Figure C

To save the filter as a Custom View, simply provide an appropriate name, such as Boot Time.

You’ll now repeat these steps and create another Custom View, and this time, you’ll type 101-110 in the Includes/Excludes Event IDs box and name it Boot Degradation.

Investigating Boot Time

To investigate your Windows 7 system’s boot time, select Boot Time in the Custom Views tree and then sort the Date and Time column in ascending order. When you do, you’ll see a complete history of every time you have booted your system since the day you installed Windows 7. In Figure D, you can see that we have hidden the Console Tree and the Action Pane to focus on the events.

Figure D

By sorting the Date and Time column in ascending order, you’ll see a complete history of every time you have booted your system since the day you installed Windows 7.

As you can see, the first recorded Boot Time on my sample system was 67479 milliseconds in October 2009. Dividing by 1,000 tells me that it took around 67 seconds to boot up. Of course, this was the first time, and a lot was going on right after installation. For example, drivers were being installed, startup programs were being initialized, and the SuperFetch cache was being built. By December 2009 the average boot time was around 37 seconds.

In any case, by using the Boot Time Custom View, you can scroll through every boot time recorded on your system. Of course, keep in mind that there will be normal occurrences that may lengthen the boot time, such as when updates, drivers, and software is installed.

Now, if you click the Details tab, you’ll see the entire boot process broken down in an incredible amount of detail, as shown in Figure E. (You can find more information about the boot process in the “Windows On/Off Transition Performance Analysis” white paper.) However, for the purposes of tracking the boot time, we can focus on just three of the values listed on the Details tab.

Figure E

The Details tab contains an incredible amount of detail on the boot time.

MainPathBootTime

MainPathBootTime represents the amount of time that elapses between the time the animated Windows logo first appears on the screen and the time that the desktop appears. Keep in mind that even though the system is usable at this point, Windows is still working in the background loading low-priority tasks.

BootPostBootTime

BootPostBootTime represents the amount of time that elapses between the time that the desktop appears and the time that you can actually begin using the system.

BootTime

Of course, BootTime is the same value that on the General tab is called Boot Duration. This number is the sum of MainPathBootTime and BootPostBootTime. Something that we didn’t tell you before is that Microsoft indicates that your actual boot time is about 10 seconds less that the recorded BootTime. The reason is that it usually takes about 10 seconds for the system to reach an 80-percent idle measurement at which time the BootPostBootTime measurement is recorded.

Investigating Boot Degradation

To investigate instances that cause Windows 7 system’s boot time to slow down, select Boot Degradation in the Custom Views tree and then sort Event ID column in ascending order. Each Event ID, 101 through 110, represents a different type of situation that causes degradation of the boot time.

While there are ten different Event IDs here, not all of them occur on all systems and under all circumstances. As such, I’ll focus on the most common ones that we have encountered and explain some possible solutions.

Event ID 101

Event ID 101 indicates that an application took longer than usual to start up. This is typically the result of an update of some sort. As you can see in Figure F, the AVG Resident Shield Service took longer than usual to start up right after an update to the virus database. If you look at the details, you can see that it took about 15 seconds for the application to load (Total Time), and that is about 9 seconds longer than it normally takes (Degradation Time).

Figure F

Event ID 101 indicates that an application took longer than usual to start up.

An occasional degradation is pretty normal; however, if you find that a particular application is being reported on a regular basis or has a large degradation time, chances are that there is a problem of some sort. As such, you may want to look for an updated version, uninstall and reinstall the application, uninstall and stop using the application, or maybe find an alternative.

(In the case of my friend’s Windows 7 system, there were several applications that were identified by Event ID 101 as the cause of his system slowdown. Uninstalling them was the solution, and he is currently seeking alternatives.)

Event ID 102

Event ID 102 indicates that a driver took longer to initialize. Again, this could be the result of an update. However, if it occurs regularly for a certain driver or has a large degradation time, you should definitely look in to a newer version of the driver. If a new version is not available, you should uninstall and reinstall the driver.

Event ID 103

Event ID 103 indicates that a service took longer than expected to start up, as shown in Figure G.

Figure G

Event ID 103 indicates that a service took longer than expected to start up.

Services can occasionally take longer to start up, but they shouldn’t do so on a regular basis. If you encounter a service that is regularly having problems, you can go to the Services tool and experiment with changing the Startup type to Automatic (Delayed Start) or Manual.

Event ID 106

Event ID 106 indicates that a background optimization operation took longer to complete. On all the Windows 7 systems that we investigated, this event identified the BackgroundPrefetchTime as the culprit, as shown in Figure H. Since the Prefetch cache is a work in progress, this should not really represent a problem.

Figure H

Event ID 106 indicates that a background optimization operation took longer to complete.

If you encounter regular or long degradation times related to Prefetch, you may want to investigate clearing this cache and allowing the operating system to rebuild it from scratch. However bear in mind that doing so can be tricky and instructions on doing so are beyond the scope of this article.

Event ID 109

Event ID 109 indicates that a device took longer to initialize. Again, if this is happening occasionally, there shouldn’t be anything to worry about. But if it is occurring regularly, you should make sure that you regularly back up your hard disk and begin investigating replacing the device in question.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

Modifying the Windows 7 boot loader with the Boot Configuration Data Editor tool

In Windows Vista and later versions of Windows, the bootloader was moved from boot.ini to a utility called BCDEdit. Here’s how to modify the boot config data with the new tool.

Sometimes dual-booting a system is a handy way to test new software, a new operating system, or an application that needs to be run in a specific version of Windows. Other reasons to dual-boot might include replication of a client environment.

Windows handles dual-booting by using boot.ini to display a menu of bootable choices or partitions found on the current system. In Windows Vista and later versions of Windows, the bootloader was moved from boot.ini to a utility called BCDEdit.

Recently, we decided we could make better use of some disk space that we had set aside to create a bootable VHD for Windows Server 2008 R2. There was no data other than the OS installation contained within the file because we had used it only to prepare a blog post about booting from Virtual Hard Disks. To free up the space, we deleted the VHD.

Note: Always make sure to back up any data that you want to keep before deleting or modifying partitions on VHDs. Your changes could make the partition unbootable.

Once we had the VHD removed, we thought Windows would be smart enough to clean up the boot loader, but we were not so lucky. We had Windows 7 set as the primary OS, so we were not without a system.

We started looking around for boot.ini and was directed toward the Boot Configuration Data Editor (BCDEdit) as the utility to use when editing boot loader information in Windows 7 (and in Vista too).

To begin, open the Start menu, select All Programs, and then choose Accessories. Right-click on Command Prompt and select Run As Administrator. Once in the command window, type bcdedit. This will return the current running configuration of your boot loader, showing any and all items that can boot on this system.

In this example, we decided to remove the entry for my Windows 2008 R2 installation, as we wouldn’t need it for the time being. To remove an entry, you will need to know the Boot Loader Identifier (found in curly braces in Figure A).

Figure A

we copied the whole list into Notepad and then selected and copied just the ID, braces included.

Removing an entry from the Boot Loader

One simple command got the Windows Server 2008 R2 entry out of the boot loader. At the command prompt, enter the following:

Bcdedit /delete {boot loader identifier}

Press Enter, and the Boot Configuration Data Editor (BCDEdit) will remove the entry for the ID you specified and display a message when finished. When Windows starts, the only choice available in the boot menu should be the current Windows installation.

Warning: Be careful when editing the boot configuration data. If you mistakenly remove the current instance of Windows, you may render your computer unbootable.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

Trump administration to move all federal IT into the cloud: Is it realistic?

US president Donald Trump recently signed an executive order on cyber-security that mandated federal systems move to the cloud. But, questions remain on the feasibility of that goal.

On Thursday, US President Donald Trump signed his long-awaited executive order on cyber-security, laying out his plans for addressing security in federal IT and across US infrastructure. The most ambitious mandate was that all federal IT systems move to the cloud.

President Trump’s homeland security adviser, Tom Bossert, said in a announcement that the government had spent too much time and money “protecting antiquated and outdated systems.” Bossert cited the Office of Personnel Management (OPM) hack as evidence of failing legacy systems.

Bossert said, “From this point forward, the President has issued a preference in federal procurement in federal IT for shared systems. We’ve got to move to the cloud and try to protect ourselves instead of fracturing our security posture.”

The executive order officially states: “Agency heads shall show preference in their procurement for shared IT services, to the extent permitted by law, including email, cloud, and cyber-security services.” It also calls for a report to be completed within 90 days describing the legal, budgetary, technical considerations for “shared IT services, including email, cloud, and cyber-security services,” along with a timeline for the initiatives and their potential cost-effectiveness.

Peter Tran, the senior director of worldwide advanced cyber defense practice at RSA and former US Department of Defense employee, said the anchor for the executive order will initially be the NIST Cybersecurity Framework (CSF), to both assess current risk gaps and determine a strategy moving forward. This will be the pacesetter by which all building blocks will either rise or fall specifically on the call to action to go cloud in an expedited manner…..security being a forethought,” Tran said.

However, the effectiveness of a move to the cloud to improve security among these federal systems remains up to debate. John Pironti, cyber-security expert and president of IP Architects, said that it could create a double-edged sword.

“The idea of standardization of security controls and capabilities through a cloud-only mandate in theory may make sense to establish an enhanced baseline for security, but at the same time creates a central target and common set of controls and capabilities that adversaries can then focus their attention on in order to be successful in their attacks,” Pironti said.

Following a central set of control standards and common technology platforms, combined with the centralized nature of the cloud, could actually make the federal IT systems weaker than their current iteration, Pironti said, which utilizes “distributed and varied computing assets and security controls.” And if hackers can find and exploit a weakness in this kind of system, it could lead to a bigger impact.

Pironti said that he believes the mandate will start out with the proper intentions, but if the affected government agencies simply follow the prescribed behaviors with no deviation, they may not be able to keep up with the changing threat landscape. While Pironti said that he’s in favor of accountability, he believes that the approach should be risk-based instead of mandated.

“I do not believe all agencies should be forced into a cloud model or required to follow the same set of prescriptive security controls,” Pironti said. “If an agency can prove that they are effectively operating in a reliable, available, and secure fashion then they should be allowed to continue to do so.”

Another question raised by the mandate is the feasibility of moving these systems to the cloud. Tran said that the executive order builds on an existing foundation, but the “proof is in the pudding.” The order, like other security plans, must be executed in a timely manner and show clear improvements in boosting security visibility and early threat detection, but it also must clearly show what “good” and “bad” security looks like in cloud infrastructure, Tran said.

“That’s really hard to do under an average planning and deployment timeline. Your compass needs to be ‘dead on,'” Tran said.

The impact of the executive order could also be seen in the private sector, Tran said, driving the growth of stronger policy, compliance, and governance around cybersecurity.

“The unique aspect of this current environment is security can’t effectively operate in a ‘de-regulated’ fashion by the mere nature that it’s security… Imagine if the TSA and FAA had no security protocols and structure?” Tran said. “Cybersecurity is no different whether it’s brick-and-mortar or click-and-mortar.”

The 3 big takeaways for readers

Trump recently signed an executive order on cybersecurity mandating all federal IT systems move to the cloud, but questions remain about the feasibility and effectiveness of such a mandate.
The move to the cloud could help modernize the systems’ approach to security, but it could also create a central point of attack for hackers, an expert said.
The executive order could also impact the private sector, leading to more regulation and compliance around cyber-security initiatives, an expert said.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

Microsoft’s new Surface Laptops unveiled

Microsoft’s most direct shot at the MacBook yet

This slideshow requires JavaScript.

The one Surface product that fans have been clamoring over for years, a straight up Surface Laptop, is finally here. But, in taking design cues from both the Surface Pro and Surface Book lines, Microsoft has set lofty expectations for its first dedicated laptop device.

Priced at $999 (about £770, AU$1,330), the Surface Laptop clearly aims to chip at the MacBook and MacBook Air models that dominate college campuses practically worldwide. In fact, Microsoft claims that its cheaper (and larger) Surface Laptop can last far longer on a charge than Apple’s 12-inch MacBook: 14.5 hours.

However, every Surface Laptop shipped will come with Windows 10 S installed, Microsoft’s new version of Windows 10 that only accepts app installs downloaded from the Windows Store.

With the ability to switch from Windows 10 S to the 100% open Windows 10 Pro for $49 if you miss the chance in 2017 for free, should you need an app outside of the Windows Store that badly (spoiler: you probably will).

Regardless, at that price, can Microsoft garner enough interest from college students (or more likely their parents), who are often already strapped from the cost of an education?

The Surface Laptop in traditional ‘Platinum’

Design

Clearly, part of Microsoft’s plan is to lure those folks in with an incredibly gorgeous, and potentially trendsetting, design. The 13.5-inch Surface Laptop may very well be Microsoft’s most attractive computing product yet.

And, with four colors to choose from – Burgundy, Platinum, Cobalt Blue and Graphite Gold – there’s bound to be one that appeals to you.

A full aluminum lid and base wrap the laptop in much the same way it does a Surface Book, but ditches the aluminum in the keyboard deck for a Alcantara fabric that surrounds every plastic key and meets with the aluminum base in a seemingly airtight seal.

The fabric, according to Microsoft, is imported from Italy and laser cut to fit every Surface Laptop. Now, while many of the design elements are the same, the 13.5-inch (2,256 x 1,504) PixelSense touch display, the smooth glass-coated Precision touchpad, the chrome logo centered on the aluminum lid, we’re told that very few parts from previous parts are found within the Surface Laptop.

That much is obvious in the nature of the felt used for this keyboard deck compared against that which the Type Covers from Microsoft utilize. It’s smoother and more plush than those Type Covers, and we’re told it’s spill resistant.

The Surface Laptop’s keyboard deck is awfully comfortable

Plus, the additional height afforded by this traditional laptop design allowed Microsoft to equip the keyboard with 1.5mm of travel, and the difference in typing between that and the Surface Pro 4 is night and day. Finally, Microsoft devised a speaker system beneath the keyboard that radiates sound through the spaces between the keys and the keyboard deck.

The result isn’t much better audio than you’d find in a MacBook Air, perhaps a bit fuller, but at least it’s consistently in an uninterrupted position. Naturally, the audio gets a bit muffled when typing, but since the sound radiates throughout the laptop base, there isn’t a major loss in audio detail.

That leaves the side of the laptop base to house Microsoft’s proprietary power and docking port found on other Surface devices, as well as a USB 3.0 and Mini DisplayPort, not to mention an audio jack. If you’re already asking, “where’s the USB-C,” we’ve already been there.

Microsoft tells us that it intends for its own port to handle concerns of connectivity expansion via the Surface Connect port and its Surface Dock, while refraining from alienating customers that have yet to completely update to USB-C.

A fine explanation, but that doesn’t tell us why USB 3.0 and not USB 3.1 at least, as you’re missing out on some major data transfer speed improvements there.

Those strange strips of plastic on the base? They’re Wi-Fi antennae

Performance and battery life

Microsoft can pack the Surface Laptop with the latest Intel Core i5 or Core i7 processors (Kaby Lake), up to 512GB of PCIe solid-state storage (SSD) and as much as 16GB of RAM.

That’s a mighty powerful laptop on paper, likely stronger than either the MacBook Air or 12-inch MacBook, while rising above even the latest 13-inch MacBook Pro that still utilizes Skylake processors.

(The $999 model comes packing a 128GB SSD and 4GB of RAM with the Intel Core i5.)

As for how Microsoft fit that kind of power a laptop just 0.57 inches (14.48mm) thin, a brand new, proprietary vapor chamber cooling system helps a whole lot. The system changes the physical state of the heat as it’s taken in through the center of a fan vent in the rear of the laptop base and spits it out of the sides of that same vent.

While we obviously weren’t able to stress-test the Surface Laptop, we were able to test out how it feels to use. For starters, at just 2.76 pounds (1.25kg), this thing is super light, which is all the more impressive considering it’s a 13.5-inch, Gorilla Glass 3 touchscreen you’re looking at.

Note the Surface Connect dock port – Microsoft’s answer to USB-C

Microsoft chalks this up to, in part, the thinnest LCD touch module ever used in a laptop design. This, in turn, helps the lid to lift with just one finger. However, perhaps the hinge design needs refinement.

While you can open the display with just a finger, that slightness in the hinge is felt when the screen bounces with every tap of the touchscreen. It’s the very reason we question the inclusion of touchscreens in traditional laptops to begin with. Unfortunately, it seems Microsoft hasn’t found a better solution here.

That said, typing on the keyboard is the best time we’ve had doing such on a Surface product yet, and the portability of the whole thing is right there with Apple’s best.

As for battery life, Microsoft is, again, claiming 14.5 hours on a single charge. Microsoft later clarified for us that this number was achieved via local video playback with all radios but Wi-Fi disabled.

That testing environment sounds very similar to how TechRadar tests for battery life, so we might see battery life results in a full review fall much closer to this claim. If so, then Surface Laptop will be very tough to beat in longevity and be a potentially major driver for sales.

This is the Surface Laptop in Cobalt Blue

Early verdict

The fact that the Surface Laptop ships with a limited – sorry, “streamlined” – operating system and costs more than some previous Surface systems that come with full fat Windows 10 cannot go unnoticed – regardless of the free upgrade through this year. Unless Microsoft changes its tune come 2018, folks buying one of these with holiday gift money at the turn of the year would be wise to tack 50 bucks on top of whichever configuration they choose to get Windows 10 Pro.

While this switch will be free for any Surface Laptops bought in the education sector, that won’t help the Surface Laptop’s target audience come 2018: late high school and college students.

That said, the Surface Laptop’s incredible, potentially trendsetting design cannot go unnoticed either. Frankly, this is a laptop that appears to outclass the MacBook Air and 12-inch MacBook – and possibly even the 13-inch MacBook Pro – for hundreds less.

Save for a questionable platform versus pricing decision, the Surface Laptop has all the makings of yet another winning piece of hardware from Microsoft.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

Quick Tips: Flush the ARP cache in Windows 7

Here’s how to clear the Address Resolution Protocol cache and how to manage that cache with a few command switches.

The Address Resolution Protocol (ARP) cache is a crucial component of IP networking on any operating system. What ARP does is link Ethernet addressing (IP addressing) to hardware addressing (MAC addressing). Without this system, a machine could not communicate to the outside world as one addressing scheme could not communicate with the other.

The ARP Cache is a collection of ARP entries (mostly dynamic) that are created when a hostname is resolved to an IP address and then an IP address is resolved to a MAC address (so the computer can effectively communicate with the IP address).

When this happens, the PC will store that newly mapped address in the ARP cache, and it will stay there until the ARP cache entry timeout expires. This isn’t usually a problem, but sometimes a bad ARP entry can cause issues with Internet connections and Web page loading. When this occurs, one step that can be taken toward resolution is to clear the ARP cache. Yes, this means the ARP cache has to be rebuilt, which means a little more work for the PC, but that cache will rebuild fairly quickly.

Clearing the ARP cache is done completely through the command line, so stretch out those fingers and get ready to type. After we show you how to clear the ARP cache, we will show you how to manage that cache with a few command switches.

Flush the cache

Step 1: Open the command prompt

Click Start and then type “cmd” (no quotes) in the search dialog box, but don’t hit Enter yet. Right-click the cmd.exe icon and select Run as Administrator (Figure A). After answering the UAC, the terminal window will open offering up the command prompt.

Figure A

If the icon is already pinned in the Start menu, entering cmd is not necessary.

Step 2: Run the commands

The first command to run is

arp -a

This command will display all your ARP entries (Figure B). Naturally the -a option is not the only option available. The arp command also allows for the following switches:

-d	Delete an IP address (arp -d 192.168.100.10)
-d -a	Delete all entries in the ARP table
-s	Add an entry to the ARP table (arp -s ADDRESS MAC_ADDRESS – Where ADDRESS is the address to be added and MAC_ADDRESS is the MAC address of the machine)

Figure B

Here you see the arp cache for two different interfaces on a single machine.

To flush the entire cache, issue the following command:

netsh interface ip delete arpcache

The above command will flush the entire ARP cache on your system. Now as soon as network connections are made, the ARP cache will begin to repopulate.

Verify the flush

Once you have flushed the ARP cache, make sure to issue the command arp -a to see if the cache has, in fact, been flushed. If it does not flush, it could be the system is a victim of a Windows bug caused when Routing and Remote Services is enabled. This is a simple bug to fix:

1. Click Start | Control Panel.

2. Click Administrative Tools.

3. Click Computer Management.

4. Double-click Services and Applications.

5. Double-click Services.

6. Scroll down to Routing and Remote Services.

7. Double-click Routing and Remote Services.

8. Set the Startup Type to Disable.

9. Make sure the service is stopped.

Now try flushing the ARP cache again. It should work this time.

Troubleshooting

It is also possible to troubleshoot network connections using the ARP cache. For example, it is important to look out for invalid ARP entries that go to a MAC address of 00-00-00-00-00-00. If one such entry shows up, make sure to delete it from the cache using the -d switch. Say you have an ARP entry that looks like:

224.0.0.24           00-00-00-00-00-00 static

In order to delete this entry, use the arp command like so:

arp -d 224.0.0.24

And that invalid entry will be gone.

Final thoughts

There are so many ways to troubleshoot networking connections. Flushing the ARP cache is just one of those methods that is rarely thought of, but when all else fails this might be the last-gasp effort that makes you the hero of the day.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

49% of businesses fell victim to cyber ransom attacks in 2016

Ransom is the top motivation behind cyber attacks, according to a report from Radware, and IT professionals are most concerned about data loss. Here’s what you need to know.

Nearly half of businesses report that they were the subject of a cyber-ransom campaign in 2016, according to Radware’s, Global Application and Network Security Report 2016-2017.

Data loss topped the list of IT professionals’ cyber attack concerns, the report found, with 27% of tech leaders reporting this as their greatest worry. It was followed by service outage (19%), reputation loss (16%), and customer or partner loss (9%).

Malware or bot attacks hit half of all organizations surveyed in the last year. One reason for the pervasive attacks? The Internet of Things (IoT). Some 55% of respondents reported that IoT ecosystems had complicated their cybersecurity detection measures, as they create more vulnerabilities.

Ransomware attacks in particular continue to increase rapidly: 41% of respondents reported that ransom was the top motivator behind the cyber attacks they experienced in 2016. Meanwhile, 27% of respondents cited insider threats, 26% said political hacktivism, and 26% said competition.

While large-scale DDoS attacks dominated the headlines of 2016, this report found that only 4% of all attacks were more than 50 Gbps, while more than 83% of DDoS attacks reported were under 1 Gbps.

“One thing is clear: Money is the top motivator in the threat landscape today,” said Carl Herberger, vice president of security solutions at Radware, in a press release. “Attackers employ an ever-increasing number of tactics to steal valuable information, from ransom attacks that can lock up a company’s data, to DDoS attacks that act as a smoke screen for information theft, to direct brute force or injection attacks that grant direct access to internal data.”

Despite the growth in attacks, some 40% of organizations reported that they do not have an incident response plan in place, the survey found.

The report listed five cybersecurity predictions for 2017:

1. IoT will become an even larger risk. The Mirai IoT Botnet code is available to the public, making it more likely that cyber criminals of all experience levels are already strengthening their capabilities. “In 2017, exponentially more devices are expected to become targeted and enslaved into IoT botnets,” the press release stated. “IoT device manufacturers will have to face the issue of securing their devices before they are brought to market, as botnet attacks from these devices can generate large-scale attacks that easily exceed 1 Tbps.”

2. Ransomware attacks will continue to grow. These attacks will target phones, laptops, and company computers, and will likely take aim at healthcare devices such as defibrillators in the future, the press release stated.

3. Permanent Denial of Service (PDoS) attacks on data centers and IoT operations will rise. PDoS attacks, sometimes called “phlashing,” damage a system to the degree that it requires hardware replacement or reinstallation. These attacks are not new, but Radware predicts they are likely to become more pervasive in 2017 with the plethora of personal devices on the market.

4. Telephony DoS (TDoS) will become more sophisticated. These attacks, which cut off communications in a crisis, “could impede first responders’ situational awareness, exacerbate suffering and pain, and potentially increase loss of life,” the press release stated.

5. Public transportation system attacks will rise. As cars, trains, and planes become more automated, they also become more vulnerable to hackers, Radware stated.

You help your business avoid ransomware attacks and other cyber threats by keeping software up to date, backing up all information every day to a secure, offsite location, segmenting your network, performing penetration testing, and training staff on cyber security practices.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

To read this article in its entirety click here.

Windows Tip of the week: How to turn hibernation on and off

How to turn hibernation on and off:

When your PC goes to sleep, it enters a low-power state, ready to spring back into action when Windows detects a tap on the keyboard or determines that it’s time to run a scheduled task. If you’re planning to be away from the PC for a while, you might prefer to save the current state so that you can restore it quickly, without the chance that the computer will wake up on its own.

There’s an option that lets you save the contents of memory to a hibernation file and then shuts down the PC, so it uses no power at all. When you restart, Windows restores the system state from the hibernation file.

To enable or disable hibernation, open a Command Prompt window and enter the powercfg command with the -h switch. Type powercfg -h on to enable hibernation; substitute the word off to disable it.

Normally, the Hibernate option is hidden from the Shutdown menu. To make it visible, open Power Options in Control Panel and then click Choose What The Power Buttons Do. Under the Shutdown Settings heading, select the Hibernate checkbox to display it in the Power menu.

Have questions?

For More Tips & Info from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/