|
1 .. -*- coding: utf-8; -*- |
|
2 |
|
3 ============= |
|
4 Windows OS. |
|
5 ============= |
|
6 .. contents:: |
|
7 |
|
8 Determining windows version. |
|
9 ============================ |
|
10 |
|
11 Run winver.exe: <Win> + R winver <RET>. |
|
12 |
|
13 Or type: <Win> + <Break>. |
|
14 |
|
15 Under cmd.exe use built-in command ver. |
|
16 |
|
17 For Win 2000 and upper check registry key:: |
|
18 |
|
19 cmd> reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion |
|
20 |
|
21 To check 32/64-bit OS use PROCESSOR_ARCHITECTURE env var (it has such values: |
|
22 x86, AMD64, IA64). |
|
23 |
|
24 Windows update. |
|
25 =============== |
|
26 |
|
27 To find updates and drivers visit (подлинность Windows not checked): |
|
28 |
|
29 http://catalog.update.microsoft.com/ |
|
30 |
|
31 You can search driver by keywords from Device Manager like:: |
|
32 |
|
33 VEN_10DE DEV_0247 |
|
34 VID_22B8 PID_2A62 |
|
35 |
|
36 Also you can find updates on: |
|
37 |
|
38 http://www.microsoft.com/downloads/ru-ru/default.aspx |
|
39 |
|
40 Check system files integrity. |
|
41 ============================= |
|
42 :: |
|
43 |
|
44 cmd> sfc /Scannow |
|
45 |
|
46 To complete repair you may need original installation CD (you can mount it |
|
47 from .iso image for example with DemonTools). |
|
48 |
|
49 Works for Windows 2000, Windows XP, Windows 2003. |
|
50 |
|
51 See |
|
52 |
|
53 http://support.microsoft.com/kb/222471/ |
|
54 http://support.microsoft.com/kb/310747/ru |
|
55 |
|
56 Repair boot. |
|
57 ============ |
|
58 |
|
59 If you only damage boot sector of master or system partition boot from Windows |
|
60 XP installation CD, enter to recovery console and run: |
|
61 |
|
62 cmd> fixboot |
|
63 cmd> fixmbr |
|
64 |
|
65 See |
|
66 |
|
67 http://support.microsoft.com/kb/307654/ru |
|
68 |
|
69 Automatically connect to shared resource. |
|
70 ========================================= |
|
71 |
|
72 Add to autorun such .bat file: |
|
73 |
|
74 net use x: \\server\share /user:username password |
|
75 |
|
76 See |
|
77 |
|
78 http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_use.mspx |
|
79 |
|
80 Activate windows. |
|
81 ================= |
|
82 |
|
83 http://www.microsoft.com/genuine/selfhelp/XPPkuinst.aspx?sGuid=bab9e103-6365-44dd-9337-93f0cd9dd4b7&displaylang=en |
|
84 Windows Product Key Update Tool Instructions |
|
85 |
|
86 Activate Windows XP. |
|
87 -------------------- |
|
88 |
|
89 Replace %WINDIR%/system32/winlogon.exe with valid in Safe Mode and run Windows Product Key Update |
|
90 Tool. |
|
91 |
|
92 Windows images. |
|
93 =============== |
|
94 |
|
95 http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2fcde6ce-b5fb-4488-8c50-fe22559d164e |
|
96 Windows XP Service Pack 3 - ISO-9660 CD Image File |
|
97 |
|
98 Access to Samba for Vista/7. |
|
99 ============================ |
|
100 |
|
101 By default, you cannot authenticate and share files to and from Mac OS X or |
|
102 Linux Samba due to a well known authentication method turned off by default. |
|
103 To enable this, |
|
104 |
|
105 Only for Windows Vista Ultimate/Business/Enterprise Editions. |
|
106 ------------------------------------------------------------- |
|
107 |
|
108 Goto Start->Run and open gpedit.msc or secpol.msc |
|
109 |
|
110 Select Continue on the User Account Control prompt. This will launch the Group |
|
111 Policy Object Editor for the Local Computer Policy. |
|
112 |
|
113 In the Group Policy Object Editor, expand: |
|
114 |
|
115 -> Computer Configuration |
|
116 -> Windows Settings |
|
117 -> Security Settings |
|
118 -> Local Policies |
|
119 -> Security Options |
|
120 |
|
121 Open the "Network security: LAN Manager authentication level" policy and |
|
122 change the Security Setting to: |
|
123 |
|
124 Send LM & NTLM - use NTLMv2 session security if negotiated |
|
125 |
|
126 Windows Vista Home Edition. |
|
127 --------------------------- |
|
128 |
|
129 Since Windows Vista Home Edition does not feature the Group Policy Editor, you |
|
130 may do the following to enable this feature: |
|
131 |
|
132 Goto Start->Run-> and type regedit. |
|
133 |
|
134 Select Continue on the User Account Control prompt. |
|
135 |
|
136 Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa |
|
137 |
|
138 Create the following DWORD value (if it doesn't exist): LmCompatibilityLevel |
|
139 |
|
140 And set its value to: 1 |
|
141 |
|
142 Map dir to disk. |
|
143 ================ |
|
144 |
|
145 To create:: |
|
146 |
|
147 cmd> subst [to-disk: [from-disk:]path] |
|
148 |
|
149 To remove:: |
|
150 |
|
151 cmd> subst disk: /d |
|
152 |
|
153 Standard scripts. |
|
154 ================= |
|
155 |
|
156 compmgmt.msc - Computer management |
|
157 devmgmt.msc - Device manager |
|
158 diskmgmt.msc - Disk management |
|
159 dfrg.msc - Disk defrag |
|
160 eventvwr.msc - Event viewer |
|
161 fsmgmt.msc - Shared folders |
|
162 gpedit.msc - Group policies |
|
163 lusrmgr.msc - Local users and groups |
|
164 perfmon.msc - Performance monitor |
|
165 rsop.msc - Resultant set of policies |
|
166 secpol.msc - Local security settings |
|
167 services.msc - Various Services |
|
168 msconfig - System Configuration Utility |
|
169 regedit - Registry Editor |
|
170 msinfo32 - System Information |
|
171 sysedit - System Configuration Editor |
|
172 win.ini - windows loading information(also system.ini) |
|
173 winver - Shows current version of windows |
|
174 mailto: - Opens default email client |
|
175 command - Opens command prompt |
|
176 |
|
177 appwiz.cpl - Add & Remove Programs |
|
178 timedate.cpl - Date/Time Properties |
|
179 desk.cpl - Display Properties |
|
180 inetcpl.cpl - Internet Options |
|
181 mmsys.cpl - Sound Settings |
|
182 sysdm.cpl - System Properties |
|
183 password.cpl - Password Options |
|
184 main.cpl - Mouse and Keyboard Options |
|
185 control fonts - Fonts Folder |
|
186 control printers Printers Folder |
|
187 |
|
188 Path. |
|
189 ===== |
|
190 |
|
191 Max path length. |
|
192 ---------------- |
|
193 |
|
194 260 chars. Use MAX_PATH macros from 'windows.h'. |
|
195 |
|
196 Allowed characters. |
|
197 ------------------- |
|
198 |
|
199 Not allowed: |
|
200 * characters from 0 to 31 |
|
201 * < (less than) |
|
202 * > (greater than) |
|
203 * : (colon) |
|
204 * " (double quote) |
|
205 * / (forward slash) |
|
206 * \ (backslash) |
|
207 * | (vertical bar or pipe) |
|
208 * ? (question mark) |
|
209 * * (asterisk) |
|
210 |
|
211 http://msdn.microsoft.com/en-us/library/aa365247.aspx |
|
212 Naming Files, Paths, and Namespaces |
|
213 |
|
214 Memory. |
|
215 ======= |
|
216 |
|
217 http://msdn.microsoft.com/en-us/library/ff542275%28v=VS.85%29.aspx |
|
218 Boot Parameters to Configure DEP and PAE |
|
219 |
|
220 PAE. |
|
221 ---- |
|
222 |
|
223 All 32-bit Windows XP support only 4 GiB RAM. To enable PAE (Physical Address |
|
224 Extension) edit 'c:\boot.ini', add option '/pae': |
|
225 |
|
226 multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /pae |
|
227 |
|
228 http://msdn.microsoft.com/en-us/library/ff557168%28v=VS.85%29.aspx |
|
229 /pae option |
|
230 http://www.microsoft.com/whdc/system/platform/server/pae/paedrv.mspx |
|
231 PAE support |
|
232 |
|
233 NX. |
|
234 --- |
|
235 |
|
236 NX (no execute) in Windows realised in Data Execution Prevention (DEP) |
|
237 technology. |
|
238 |
|
239 On 64-bit processes, DEP is enabled by default and cannot be disabled. For |
|
240 32-bit Windows DEP is supported in Windows Server 2003 with SP1, Windows XP |
|
241 with SP2, Windows Vista, and later versions of Windows. |
|
242 |
|
243 To enable NX on 32-bit Windows edit 'c:\boot.ini', add option |
|
244 '/noexecute=...' (alwayson/optout/optin/alwaysoff):: |
|
245 |
|
246 multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /noexecute=alwayson |
|
247 |
|
248 To see current DEP status run:: |
|
249 |
|
250 cmd> wmic OS Get DataExecutionPrevention_Available |
|
251 cmd> wmic OS Get DataExecutionPrevention_SupportPolicy |
|
252 cmd> wmic OS Get DataExecutionPrevention_Drivers |
|
253 |
|
254 http://msdn.microsoft.com/en-us/library/ff557134%28VS.85%29.aspx |
|
255 /noexecute parameter |
|
256 http://support.microsoft.com/kb/912923 |
|
257 How to determine that hardware DEP is available and configured on your computer |
|
258 |
|
259 Life cycle. |
|
260 =========== |
|
261 |
|
262 http://www.microsoft.com/windows/support/endofsupport.mspx |
|
263 End of support for Windows 98, Windows Me, and Windows XP Service Pack 1 |
|
264 http://www.microsoft.com/windows/lifecycle/servicepacks.mspx |
|
265 Windows Service Pack Road Map |
|
266 http://www.microsoft.com/windows/lifecycle/default.mspx |
|
267 Windows Life-Cycle Policy |
|
268 http://support.microsoft.com/gp/lifeselect |
|
269 Life-Cycle Policy by product |
|
270 |
|
271 NTFS junction points. |
|
272 ===================== |
|
273 |
|
274 To craete use 'junction.exe' from Mark Russinovich or 'linkd.exe' from |
|
275 Microsoft Windows 2000 Resource Kit. |
|
276 |
|
277 'junction.exe' included with Sysinternals suite. |
|
278 |
|
279 cmd> md c:\Program-Files |
|
280 cmd> junction c:\Program-Files "c:\Program Files" |
|
281 |
|
282 http://technet.microsoft.com/en-gb/sysinternals/bb896768.aspx |
|
283 Junction v1.05, Published: July 24, 2007 |
|
284 http://support.microsoft.com/?kbid=205524 |
|
285 How to create and manipulate NTFS junction points |
|
286 http://en.wikipedia.org/wiki/NTFS_junction_point |
|
287 |
|
288 Microsoft Windows 2000 Resource Kit. |
|
289 ==================================== |
|
290 |
|
291 http://support.microsoft.com/kb/927229 |
|
292 Windows 2000 Resource Kit Tools for administrative tasks |
|
293 separate tools downloads |
|
294 |
|
295 Microsoft security tools. |
|
296 ========================= |
|
297 |
|
298 http://www.microsoft.com/downloads/details.aspx?FamilyID=CD057D9D-86B9-4E35-9733-7ACB0B2A3CA1&displayLang=en |
|
299 |
|
300 http://www.microsoft.com/downloads/details.aspx?FamilyID=B1E76BBE-71DF-41E8-8B52-C871D012BA78&displayLang=en |
|
301 Microsoft Baseline Security Analyzer 2.1.1 (for IT |
|
302 Professionals) |
|
303 |
|
304 http://www.microsoft.com/downloads/en/confirmation.aspx?familyId=4a2346ac-b772-4d40-a750-9046542f343d&displayLang=en |
|
305 Enhanced Mitigation Evaluation Toolkit |
|
306 |
|
307 http://blogs.technet.com/b/srd/archive/2009/10/27/announcing-the-release-of-the-enhanced-mitigation-evaluation-toolkit.aspx |
|
308 Announcing the release of the Enhanced Mitigation Evaluation |
|
309 Toolkit (old version 1.0) |
|
310 |
|
311 http://blogs.technet.com/b/srd/archive/2010/07/28/announcing-the-upcoming-release-of-emet-v2.aspx |
|
312 |
|
313 Enable/Disabling UAC. |
|
314 ===================== |
|
315 |
|
316 To disable UAC on the computer, you must be able to log on with or provide the |
|
317 credentials of a member of the local Administrators group. |
|
318 |
|
319 Starting with Windows 7, UAC is disabled by following these steps: |
|
320 |
|
321 1. On the Start menu, type "UAC" and then click Change User Account settings. |
|
322 2. Move the slide bar to the bottom (Never Notify) and then click OK. |
|
323 |
|
324 On Windows Vista and Windows Server 2008, UAC is disabled by following these steps: |
|
325 |
|
326 1. Start Control Panel and double-click User Accounts. |
|
327 2. In the User Accounts tasks window, click Turn User Account Control on or off. |
|
328 3. Clear the Use User Account Control (UAC) to help protect your computer check box, and then click OK. |
|
329 |
|
330 http://windows.microsoft.com/en-US/windows-vista/Turn-User-Account-Control-on-or-off |
|
331 Turn User Account Control on or off |
|
332 |
|
333 Fix file association. |
|
334 ===================== |
|
335 |
|
336 Check current association:: |
|
337 |
|
338 $ cmd /c assoc | grep -i "^\.mp3" |
|
339 .mp3=mp3file |
|
340 |
|
341 Get list of all available commands:: |
|
342 |
|
343 $ cmd /c ftype |
|
344 ... |
|
345 AIMP.mp3="C:\Program Files\AIMP2\AIMP2.exe" "%1" |
|
346 ... |
|
347 |
|
348 and select one on them:: |
|
349 |
|
350 $ cmd /c assoc .mp3=AIMP.mp3 |
|
351 |
|
352 Clean up Windows system directories. |
|
353 ==================================== |
|
354 |
|
355 You can safely remove SP restore files:: |
|
356 |
|
357 %Systemroot%\$NtServicePackUninstall$ |
|
358 |
|
359 Also check such directories:: |
|
360 |
|
361 %SYSTEMDRIVE%\Program Files\Common Files |
|
362 %SYSTEMDRIVE%\Documents and Settings\USER\Application Data |
|
363 %SYSTEMDRIVE%\Documents and Settings\USER\Local Settings |
|
364 |
|
365 http://support.microsoft.com/kb/290402 |
|
366 HOW TO: Remove the Service Pack Restore Files and Folders in Windows |
|
367 |
|
368 Windows services from command line. |
|
369 =================================== |
|
370 |
|
371 List of all running services. |
|
372 ----------------------------- |
|
373 :: |
|
374 |
|
375 cmd> net start |
|
376 |
|
377 Start service. |
|
378 -------------- |
|
379 :: |
|
380 |
|
381 cmd> net start NAME |
|
382 |
|
383 Stop service. |
|
384 ------------- |
|
385 :: |
|
386 |
|
387 cmd> net stop NAME |
|
388 |
|
389 Schedule Tasks in Windows. |
|
390 ========================== |
|
391 |
|
392 List registered of task. |
|
393 ------------------------ |
|
394 :: |
|
395 |
|
396 $ schtasks /query |
|
397 |
|
398 Create task. |
|
399 ------------ |
|
400 :: |
|
401 |
|
402 $ schtasks /create /tn %TASK_NAME% /ru %ROOT% /sc daily /st 23:00:00 /tr "rundll32.exe user32.dll,LockWorkStation" |
|
403 |
|
404 /sc can be one of:: |
|
405 |
|
406 MINUTE HOURLY DAILY WEEKLY MONTHLY ONCE ONSTART ONLOGON ONIDLE |
|
407 |
|
408 Delete task. |
|
409 ------------ |
|
410 :: |
|
411 |
|
412 schtasks /delete /tn %TASK_NAME% /f |
|
413 |