Welcome to MOBS Bangladesh   Click to listen highlighted text! Welcome to MOBS Bangladesh Powered By GSpeech
Apr 15

Use System File Checker (SFC) to Scan and Repair System Files & use DISM to fix files where SFC fails

Download PDF

System File Checker (SFC) is a command-line tool that scans all protected system files and replaces incorrect versions with correct versions. This tool originally built for Windows 2000!, and all GA editions were shipped with it. In other words, SFC scans to check for any file corruption and repairs them accordingly. If you have modified your system files (including Windows DLL files) running SFC will revert the system files back to the default state.

Below table (SFC Switches) is a cut & paste from TechNet (Link provided below):

Switch Description
/scannow Scans all protected system files immediately.
/scanonce Scans all protected system files once at the next boot.
/scanboot Scans all protected system files at every restart.
/cancel Cancels all pending scans of protected system files.
/quiet Replaces all incorrect file versions without prompting the user.
/enable Enables WFP for normal operation.
/purgecache Purges the file cache and scans all protected system files immediately.
/cachesize= x Sets the file cache size in bytes. This change does not take effect

until you restart the computer.

/? Displays this list.

Follow the below steps:

  • Windows key + X, click “Command Prompt (Admin).”
  • On the Command Prompt, type the following command, and then press ENTER (assuming you are an Administrator & using a privileged account):
C:\WINDOWS\system32>sfc /SCANNOW

Please be mindful that it could take significant amount of time to complete this operation. Screenshot follows during its operation on a Windows 10 Pro computer:

sfc

When the SFC have finished running it will say either one of the following three notifications:

  • Windows did not find any integrity violations (this is very good)
  • Windows Resource Protection found corrupt files and repaired them (good news)
  • Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (sad news, not bad)

Screenshot follows with errors:

sfc-completedBut do check the log and remedy statements almost always available in Microsoft TechNet site. Now, export the log by issuing the following command:

findstr /c:”[SR]” %windir%\Logs\CBS\CBS.log >”%userprofile%\Desktop\sfcdetails.txt”

This command will export the log to readable format onto your desktop, in a file named “sfcdetails.txt”. Open the file and it should look like the following screenshot:

sfc-log-export-txtNow the repair part begins….with DISM

DISM (Deployment Image Servicing and Management)

If you are on win 8 (or higher build of 8.1 or 10 even) you  should also run DISM whether SFC found errors or not!! To check the health (You sould use /CheckHealth to only check whether the image has been flagged as corrupted). From the same administrative command prompt run the following command:

DISM /Online /Cleanup-Image /CheckHealth

To scan the health, use the /ScanHealth switch to scan the image for component store corruption. Please remember that this option does not fix any corruption.

DISM /Online /Cleanup-Image /ScanHealth

To restore health use the /RestoreHealth switch to scan the image for component store corruption, perform repair operations automatically, and records that corruption to the log file.  This generally takes 5-20 minutes depending on the corruption and size of the partition. You can run scanhealth & restorehealth at the same time by issuing both switches at the same time. Command follows:

DISM /Online /Cleanup-image /Scanhealth && DISM.exe /Online 
/Cleanup-image /Restorehealth

DISM1

After this, it’s a good idea to run the SFC again to check if the command produces any errors or not. If you get the error message “cannot find source files” you need to have an ISO file mounted and need to specify where it is located with the below command

DISM /Online /Cleanup-Image /RestoreHealth 
/source:WIM:X:\Sources\Install.wim:1 /LimitAccess

The ISO must be exactly the same version as the running OS.  An ISO of 10532.0 will not repair a running system of 10533.0. simply put, the file version mismatch and some additional files are also introduced. If you do not have an ISO, download it from Microsoft site: https://www.microsoft.com/en-us/software-download/windows10

Further Reading:

 

comments: Closed tags: ,
Sep 3

Command line to get your Service Tag in Windows

Posted in Microsoft, Windows 8
Download PDF

I was actually looking up for the Service Tag of my DELL E 6410 machine. At the back of the laptop panel the sticker has already worn out, and I started browsing the TechNet. Now, I found the WMIC (Windows Management Instrumentation Command-line) and should work to get the serial number or the service tag number from the BIOS for any laptop & desktop computer. I was so lazy to get into the BIOs and grab the service tag; that’s didn’t happen. Instead, I opened up the command prompt (Windows Key + R), then type cmd and press enter, command prompt fires up, type in the following command:

wmic bios get serialnumber

screenshot follows:

servicetagNow if you want to fiddle a bit with the command, try issuing the following command:

wmic bios get /format:list

Screenshot:

servicetag1I’ve used this on my DELL laptops, and got results on each of them, you should try yours. You will get some more information regarding your laptops BIOS information as well.

CON’S: Does not work in virtualized environment, as your host isn’t really in a real hardware.

  1. Useful WMIC Queries and the list of commands: http://blogs.technet.com/b/askperf/archive/2012/02/17/useful-wmic-queries.aspx
  2. WMIC (Windows Management Instrumentation Command-Line) http://msdn.microsoft.com/en-us/library/aa394531(VS.85).aspx
Aug 23

Install GUI on Windows Server 2016

Download PDF

I really got amazed or even startled that the first boot Windows Server presented a command line, along with the server manager. I closed the server manager console; and got stuck 🙂 with the command line only. Laughed for couple of minutes of my ignorance of the new technology. Then I recall the command “servermanager”, and it popped up again. Kinda felt idiotic too at that time.

Now coming back to the original topic. My apologies, this post is an orchestration, as I couldn’t load mspaint to work, nothing was there to save the print screen snapshot….. LOL

Now I have chosen the first option to be installed which led me to a command prompt only screen. The following picture is taken from TechNet.

Wsvr2016

After Windows Server 2016 CTP2/3 completes it’s installation, restarts for the final time, login into the server and issue the following command in the command prompt:

ServerManager

Screenshot would look like the following, as you can see the feature is already installed.

desktopexperience

I typed all lowercase, when the Server Manager actually pops up, then follow the screenshot location to install the “Server Graphical Shell” along with the “Desktop Experience”, well if you need it. I also installed the Ink services for the server to support sound/recording services. Please do read the right side description of the feature getting installed. Now after finishing the installation you will get the look just like the following screenshot:

Windows2016 Desktop

Essentially, the Windows Server is getting lighter and lighter with each release comes out. Can’t wait to test the server out with my new DELL Latitude E7240 Ultrabook, and the video recordings will be released to my YouTube channel. Furthermore, use the following command to add more features:

 

  • Add-WindowsFeature
  • Get-WindowsFeature
  • Remove-WindowsFeature

By the way, you can run the following powershell command to checkout if the GUI feature is installed or not:

Get-WindowsFeature *gui*
And the screenshot follows:
guicheck
comments: Closed tags: ,
Aug 20

Enable BitLocker, and to Prompt for PIN During Startup

Download PDF

First you need to check if the following items are there in your laptop/server

  • TPM Chip
  • Windows 7 Enterprise or Higher (Ultimate with or without N)
  • Windows Server 2008 R2 Enterprise or Higher

You can achieve BitLocker encryption introduced into any number of drives, and you can do this in two ways:

  • BitLocker Encryption tied to the TPM chip
  • Password protected BitLocker without the integration with TPM

Enable BitLocker: This exercise is done using Windows 8.1 Enterprise N Edition. Now, you can do it in a short step. On your keyboard, press “Windows Key+E”, Select your boot drive, right click on it and click enable BitLocker on this drive. It will prompt you to save the recovery key elsewhere, other than the fixed drive, perhaps a memory stick is a good choice. Save or Print the recovery key and let the wizard start the encryption. A screenshot:

Bitlocker_Complete

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As you can see there are three options available to manage. Suspend the protection, backup again the recovery key & completely turning off BitLocker.

Now Lets run the following command:

gpedit_msc

 

 

 

 

 

 

 

 

 

Go to Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives. One the right pane/panel, double-click on the “Require additional authentication at startup”. Screenshot follows:

Bitlocker_GPO_PIN_Enable

 

 

 

 

 

 

 

 

 

 

 

First, Enable the policy, and set the fields as shown in the picture 🙂 Press OK afterwards and close the local policy editor. DO NOT RESTART YET.

Nope, we are not done yet…haha. Now we are going to set the TPM PIN for the encrypted drive; type in the following command:

manage-bde -protectors -add c: -TPMAndPIN

Bitlocker_PIN_Set

 

 

 

 

 

 

 

 

Provide the PIN two times. Now run the following command:

manage-bde -status

You should get the following summary result:

Bitlocker_Status

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As you can see key protectors are initiated with TPM And PIN. Wala you are done, restart and get ready to provide the PIN, otherwise, you are doomed. Word of advice, do keep your BitLocker keys in safe place(s)

BitLocker PIN Login

BitLocker drive encryption was originally an integral security feature in Windows SBS 2008. You can back up a source volume that is encrypted with BitLocker. However, if you restore the backup to your server, it is restored without BitLocker encryption. You must manually enable BitLocker on the restored volume. Afterwards BitLocker ported to Vista and so on

You can do this after BitLocker has encrypted the entire drive. First you have to enable the local policy to require a PIN during startup. You could also do that centrally enterprise wide through Group Policy (GPO).

Checkout the following links as well:

comments: Closed
Oct 15

Windows Servers: DNS Ports

Download PDF

The default DNS port is 53. You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands:

  • netsh int ipv4 show dynamicport tcp
  • netsh int ipv4 show dynamicport udp
  • netsh int ipv6 show dynamicport tcp
  • netsh int ipv6 show dynamicport udp

To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535.

Traffic Type Source of Transmission Source Port Destination of Transmission Destination Port
Queries from local DNS server Local DNS server A random port numbered 49152 or above Any remote DNS server 53
Responses to local DNS server Any remote DNS server 53 Local DNS server A random port numbered 49152 or above
Queries from remote DNS server Any remote DNS server A random port numbered 49152 or above Local DNS server 53
Responses to remote DNS server Local DNS server 53 Any remote DNS server A random port numbered 49152 or above

 

comments: Closed tags: ,
Click to listen highlighted text! Powered By GSpeech