Category: Windows

  • Apply Hardening on Windows 7 and Windows Server 2008 using Command Line

    In the previous post I described how to simplify the system hardening process for Windows Server 2003 and Windows XP Professional using Security Configuration and Analysis in the Microsoft Management Console, where the security templates are easy to locate. If you try to do the same thing on Windows 7 or Windows Server 2008, you will find that the security templates are missing from the C:\Windows\security\templates\ directory. So where do you get those files, and how do you prepare security hardening on Windows 7 and Windows Server 2008?

    Apparently, the location of the security templates has changed to the C:\Windows\inf\ directory. The following security templates are in that directory:

    Defltbase.inf
    (Security template for default security settings of your system)

    Defltwk.inf
    (Security template for Windows 7; this inf file contains the default recommended security settings for Windows 7)

    Defltsv.inf
    (Security template for Windows Server 2008)

    Defltdc.inf
    (Security template for domain controllers)

    You can still use the Security Configuration and Analysis console to analyze and configure your system with the security templates listed above. Alternatively, you can use the ‘secedit’ command to apply the security settings from the command prompt.

    Secedit is a command line tool that has existed since Windows 2000 for the purpose of imposing security policy settings on all the systems in the domain. In Windows 2000, the functionality of this command is similar to ‘gpupdate’. It enforces the application of group policy to the workstation, but the difference is that this command has to be run at the domain controller in order to instruct the domain controller to enforce the policy settings immediately on all the machines connected to the domain.

    Apply Hardening on Windows 7

    To use ‘secedit’ to analyze and configure your systems with security templates, refer to the command lines below. The first command analyzes your computer's security settings against the security template and stores the database in the C:\Security folder. The second command applies the security settings to your system. You will need to create a folder called Security under drive C:\, or else the command will return ‘Invalid path – C:\Security’.

    Analyze your computer security settings:

    secedit /analyze /cfg C:\Windows\inf\Defltwk.inf /db C:\Security\WorkstationSecSettings.sdb /verbose

    Apply security settings onto your computer:

    secedit /configure /cfg C:\Windows\inf\Defltwk.inf /db C:\Security\WorkstationSecSettings.sdb /verbose

    Just try it out, but please do not forget to back up your computer security settings, or else it might screw up some of the programs.
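Before running the /configure command above, it helps to see which settings the template would actually change. The following is an added example, not code from the original post: it compares a settings export with a template, assuming the current settings were saved with `secedit /export /cfg`; both embedded templates are constructed samples and do not reproduce the real Defltwk.inf.

```python
import re

# Constructed sample: current settings as 'secedit /export /cfg <file>' writes them.
CURRENT_INF = r"""
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 0
PasswordComplexity = 0
[Event Audit]
AuditLogonEvents = 0
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse=4,1
[Privilege Rights]
SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545
"""

# Constructed sample standing in for a template; NOT the real contents of Defltwk.inf.
TEMPLATE_INF = r"""
; comment lines start with a semicolon
[System Access]
MinimumPasswordLength = 8
PasswordComplexity = 1
[Event Audit]
AuditLogonEvents = 3
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse=4,1
MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash=4,1
[Privilege Rights]
SeNetworkLogonRight = *S-1-5-32-544,*S-1-5-32-545
"""

SECTION = re.compile(r"^\[(.+)\]$")
SKIPPED = {"unicode", "version"}  # file metadata sections, not settings


def parse_template(text):
    """Return {section: {folded key: (key, value)}}; section names are case-folded."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        match = SECTION.match(line)
        if match:
            current = sections.setdefault(match.group(1).casefold(), {})
        elif current is not None:
            key, _, value = line.partition("=")
            current[key.strip().casefold()] = (key.strip(), value.strip())
    return sections


def canonical(section, value):
    """Account lists under [Privilege Rights] are unordered; other values compare as-is."""
    if section == "privilege rights":
        return sorted(part.strip().casefold() for part in value.split(","))
    return value


def pending_changes(current_text, template_text):
    """List (section, key, current value or None, template value) that would change."""
    current = parse_template(current_text)
    changes = []
    for section, settings in parse_template(template_text).items():
        if section in SKIPPED:
            continue
        for folded, (key, want) in settings.items():
            # None means the setting is absent from the export.
            got = current.get(section, {}).get(folded, (key, None))[1]
            if got is None or canonical(section, got) != canonical(section, want):
                changes.append((section, key, got, want))
    return changes


if __name__ == "__main__":
    for section, key, got, want in pending_changes(CURRENT_INF, TEMPLATE_INF):
        print(f"[{section}] {key}: {got!r} -> {want!r}")
```

Keeping the export file also gives you a record of the settings that were in place before the template was applied.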

  • Timestamp Ping with hrPING

    The ping utility in Windows is really useful for determining whether there is connectivity between the source and destination computers. You need to run Ping in the command prompt together with its options, as it doesn’t come with a friendly graphical user interface. I remember attending an MCSE (Microsoft Certified System Engineering) class about 8 years ago where there was an arrogant guy who talked like he knew everything, but then he ran ping directly from Run (Start > Run) and had a blank look on his face, wondering what went wrong when a black window appeared for a second and then disappeared. The good thing about command line utilities is their flexibility, so you can use them in batch files or scripts, but they require you to manually type the command switches instead of clicking with your mouse.

    I am doing research on something regarding IP addresses, and the built-in PING utility in Windows is not powerful enough as I require time stamping. I need to know exactly when I am able to get a response from the destination IP address and when it times out.


    The Windows ping does not show the date and time in the ping results. After searching on the Internet, I found a free third party ping utility called hrPING which offers more features and more accurate results than Windows PING.

    hrPING is also a command line utility, meaning you have to launch the command prompt first and then run hrPING with its options from there.

    I need to ping with:

    1. time stamp
    2. loop ping until manually stopped
    3. save the ping results to a text file

    The command to use with hrPING is:

    hrping.exe -t -T -F pingresult.txt 192.168.2.1


    Do take note of the capitalization of the options, because upper and lower case mean different things. For example, -t is for ping loop and -T is for time stamp. Another hrPING default is that it pings once every half a second, or 500 milliseconds. If you find that too fast, simply add -s 1000 to the command line and it will only ping once every second. For more options, you can either run hrPING.exe without any options, which will show you the list of options, or visit hrPING’s official website at the link below.

    Download hrPING

  • Uninstall Windows Messenger in Windows XP

    After installing Windows XP Home or Professional edition, you may have noticed that Windows Messenger runs when Windows XP starts up. Windows Messenger is the Microsoft instant messaging program built into Windows XP that encourages users to chat and interact with other users who have a Hotmail or Live account. The success of the current Windows Live Messenger that is widely used today is probably due in no small part to the embedding of Windows Messenger in Windows XP.

    Windows Messenger is outdated today and is superseded by Windows Live Messenger. If you go to the Add or Remove Programs in Control Panel, you can’t find Windows Messenger listed under there for you to uninstall. To completely remove and uninstall Windows Messenger from Windows XP, you will need to use a more advanced method which is listed below. I have listed 3 solutions to remove Windows Messenger from Windows XP and you can use any method that you are comfortable with.

  • 5 Ways to Fix Windows Tooltips Showing Behind the Taskbar

    Windows tooltips will appear whenever you hover your mouse cursor over an item without actually clicking on it, and a small box pops up with information regarding the item being hovered over. A number of examples are the time and tray icons located down in the bottom right of the desktop which usually give you information, and also the quick launch icons or open windows on the Task bar which mostly just give you their name and maybe a description.


    Over the years, a very common problem that a lot of people have faced is when they move the mouse pointer over any icons anywhere across the taskbar, and the tooltips are hidden behind the taskbar itself, not in front like they should be. This problem has been around since Windows 95 and can be quite annoying when there’s information you might want to actually read.


    This is a well known bug that causes the taskbar tooltips to lose their “topmost” window status and be covered up by the taskbar. Microsoft acknowledged this tooltip problem existed back in 2006 but didn’t get around to doing anything about it until 2008 when XP Service Pack 3 came out. This cured most of the problems, but even today there are still reports of XP SP3, Vista and even Windows 7 users experiencing this issue from time to time.




  • Create a Jump List for any Pinned Taskbar Application

    When Windows 7 was released it came with several enhancements to the desktop interface, and one major area of change was the taskbar. Along came features such as the advanced preview window, a progress meter on a taskbar icon and Aero Peek, to name a few. Something else to appear was the ability of an application’s icon on the taskbar to display quick access options such as some of the associated program’s functions, recent history or favourites.

    These options are available by right clicking on the icon on the taskbar or left clicking and dragging the icon upward. And if you didn’t already know, this useful feature is called a Jump list. The Jump list feature has proved to be quite popular because it provides convenient shortcuts to several different functions at the click of a mouse.

    While Jump lists are being used to their full extent by a number of applications these days, there are still a lot which don’t take advantage of them effectively or even at all. This is where a handy piece of software called Jumplist Extender could prove to be useful, because it can create a custom Jump list for just about any icon that gets pinned to the Windows 7 taskbar.


    A standard Chrome Jump List

    Jumplist Extender can perform a simple task of just opening a program with a command line argument such as opening a web browser with your favourite website as the argument. The program can also send keystrokes to the application window so you either enter simple commands or keyboard shortcuts to open the program and perform an action. And if that’s not enough, because Jumplist Extender is programmed using the AutoHotkey scripting language, it also supports the creation and running of AutoHotkey scripts, if you know how to use AutoHotkey of course.

    Jumplist Extender is open source software so is completely free to use. Although it comes with a setup installer, I was able to extract the Jumplist Extender setup with Universal Extractor and run it via the T7EPreferences.exe. Although I was able to create a jump list successfully, I can’t guarantee it will work perfectly this way, so it’s your choice.

    Something to note about this program is when you create a new jump list, any jump list already connected with the icon will be lost, and you can’t add to or edit an existing default jump list. In short, be careful about which icon you’re creating a new list for.

    On running the program, the first window to pop up will ask what you want to do. Obviously, if you haven’t already set up or saved any lists you need to start a new jump list. A file requester will then ask you to select an executable or shortcut file which the jump list is going to be created for.

    After that another window will ask to run the related application if it isn’t already open. When the program is open click on it and Jumplist Extender will recognise it’s the correct one. The next window is simply to verify the selection is correct, and if not you can try to reselect it. Click OK when you’re sure.

    The main window is where the list is created and is split into two, the left for the jump list layout and the right to create the entry. Entries can be added, removed or moved up and down the list using the buttons provided.

    To configure an entry, firstly give it a name and choose the icon if you want one. There are four different types of entry that can be created; Task, File/Folder Shortcut, Category and Separator. The File/Folder option will simply allow you to open a folder or execute an external file from the jump list. Category and Separator makes the list more readable if there are to be several entries.

    The task option is the most powerful as it offers three actions; Send keystrokes to window, Run command line or program and the Run AutoHotkey script action. The keystroke action is useful for sending things like hotkey combinations or entering text into a text box etc. In the above window I’m sending ‘ipconfig /all’ to the command prompt window which will run ipconfig when I select the entry in the pinned icon’s jump list. There are a number of possibilities here as you could also send blocks of text into a text editor or set it up to ‘Ctrl+V’ and paste clipboard content straight into a program.


    Custom Jump List for a Command Prompt pinned icon

    The Run command line or program action allows the running of the connected application, or a different one, with command line options. For example, executing a browser with a website as the argument will open the related webpage, e.g. ‘C:\Program Files\Internet Explorer\iexplore.exe’ Raymond.cc. When you have finished creating the jump list, press Ctrl+S or go to File -> ‘Save and apply to Taskbar’ to apply the changes.

    One minor gripe I have with the program is after a few hours of testing it popped up a nag asking to donate. Not too much of an issue if it only does it once, but every xx amount of hours would be a major pain in the neck. A workaround is to simply exit the application in the tray, it didn’t appear to affect the jump lists I had created although it might possibly cause problems with using custom scripts or something more advanced. A case of try it and see.

    Compatible with Windows 7

    Website and Download

  • Right Click Context Menus Added to your Desktop

    The right click context menu is obviously an important part of Windows and can be very useful for providing shortcuts and options to do numerous things. From scanning a file for a virus or adding something to a zip file, to running a program as administrator, the list of possibilities is huge. Sadly, a lot of software tends to leave behind data in the context menu as well, even when it’s been uninstalled and no longer on the system. A utility that did that exact thing to me recently was Winpatrol. Obviously, it didn’t take long to get rid of it with a tool like ShellExView.

    But minor issues aside, the context menu is a great place to put things to save time and make life a bit easier. With the arrival of Windows 8 removing the Start Menu by default, and limited space on the Task Bar if you already have several programs pinned, a well organised and efficient context menu could be a real time saver. Trying to find what you want by putting an icon on your desktop for just about everything isn’t really a practical solution.

    The good thing about using the context menu is although you need registry editing experience or a third party utility to create the entries in the registry for you, once you do that, no software needs to be running in the background.  Here’s a couple of quick and easy ways to get useful and important entries into the context menu with the minimum of fuss.

    A useful program to put some custom entries into your context menu is Your Menu. This is an easy to use little tool that can add a single program entry to the context menu, useful for a single application. Or you can create a cascading menu with several entries in a sub menu, which makes the context menu cleaner and allows for more entries in less space.

    Your menu comes as both an installable version and portable executable which is under 100K.

    Usage is easy, pressing the single radio button asks for a name which will be the text to display in the menu. Then click in the “Select a program” box and point to the executable file. Click ‘Generate Reg File’ which will generate the necessary files. Two registry files will be created, one to install the context menu, the other to remove it again.

    A cascading menu is a similar process, click the radio button and enter a name to display in the menu. The Executable name is obviously the name of the entry inside the sub menu and the process is the same for selecting a program. ’Generate Reg File’ finishes the process and the registry files will be created.

    The program does have a few quirks in that every time you click to create the reg files it adds extra back slashes to the entries, and to edit a path the select program window has to be opened and then closed again. Luckily, it only has to be used to create the registry files and doesn’t have to stay running in the background. An option to import menus for editing would have been a welcome addition.

    Compatible with Windows 7

    Website and Download

    This next utility is essentially a small collection of registry tweaks in the form of three .reg files to install, and another three to remove again. They are accompanied by a small frontend executable which will offer to create a restore point, but it’s not needed to use the tweaks as the registry files are located in the Tools folder. As it’s a zip file just extract to where you like and run the ContextMenu.exe to get to the frontend.

    There are three different menus to enable, the first is the ‘Control Panel’ menu which will give you quick access to some of the common Control Panel options.

    The second menu is ‘System’ which gives you quick access the things like the Event Viewer, Disk Cleanup and System Restore.

    The third menu gives shortcuts to some common Windows 7 built in utilities like the Command Prompt, Notepad and Sticky Notes.

    To uninstall the menus simply click the ‘Uninstall’ button of the menu you wish to remove in the frontend, or double click the relevant uninstall.reg file in the tools folder.

    Compatible with Windows 7

    Website & Download

    Obviously, if you have sufficient knowledge of the registry, you can add extra options or take them out yourself using either program’s registry files. These options give some useful right click shortcuts to make some common Windows functions more quickly accessible. I would advise that if you have a context menu entry for a program that is no longer there, remove that entry, as it could cause the context menu to lag while looking for programs it can’t find.

  • Manually Reset BIOS Password Like a Hacker to Access CMOS

    Many people are confused about CMOS and BIOS thinking that they are the same. There is actually a huge difference between CMOS and BIOS, so you may want to get it right to prevent saying the wrong thing especially when you’re in an interview for a new job. BIOS is actually a chip on the motherboard containing a program that communicates with the CPU and other parts of the system. The BIOS program cannot be configured but can be updated through flashing the firmware provided by the manufacturer. As for CMOS, it is another chip that keeps the configurable information which is read by the BIOS. If you look carefully at the top of the screen after accessing the Setup by pressing F2/F10/F12/Del key, it actually says CMOS Setup Utility but not BIOS setup.

    BIOS Security Features

    However, the user and supervisor passwords that we can set to prevent unauthorized people from accessing the CMOS setup or changing the boot sequence are listed under BIOS Security Features according to the AMI BIOS on my Dell computer. So I guess it is acceptable to talk about setting a BIOS password. Two of the most common and well-known old school methods to reset a BIOS password are switching the reset CMOS jumper or removing the battery from the motherboard. You can also reset a BIOS password directly from Windows using a tool called CMOS De-Animator.

    If you are unable to open the computer case because it is a laptop, don’t want to get your hands dirty, or for some weird reason CMOS De-Animator doesn’t work, here is another method to reset a BIOS password which I am very sure would work because I have personally tested it.

    Recently I came across two commands that claim to reset the BIOS password when typed into the debug tool that is built into Windows.

    o 70 2E
    o 71 FF

    I ran the two commands above from debug.exe under Administrator rights in Windows 7 SP1 32-bit but sadly it does not work. After researching further about this method on the Internet, it seems to be widely posted but none have verified if it is truly working or if there are additional steps required. If you’ve been reading our articles, you would have realized that we normally take a step further to test and make sure that it is working rather than just for the sake of posting something on the blog.

    After much testing, I found that it is possible to reset BIOS password by typing the two commands in debug tool if you first boot up the computer in FreeDOS. Here are the detailed step-by-step instructions.

    1. Install FreeDOS in a USB flash drive using Rufus or UNetbootin.

    2. Download the debug.exe tool and save it to the root of your USB flash drive.

    3. Boot up the computer with your USB flash drive and type the following commands (take note that the second and third commands start with the letter O and not the number zero):

    debug
    o 70 2E
    o 71 FF
    quit

    4. Restart your computer by simultaneously pressing Ctrl + Alt + Del and you would probably encounter error messages like CMOS checksum error which is normal. You can now access the CMOS setup without a password.

    The above method seems to be a perfect solution but what if you cannot change the boot sequence to boot up the computer from USB flash drive and it is set to only boot from the hard drive? Obviously you cannot do anything about it since the BIOS is locked out and you cannot get in the CMOS Setup Utility to change the boot order. Well not really. With a third party boot manager called Plop which I have reviewed before, it does the impossible by booting up your computer through USB or CD/DVD even if the BIOS does not support it.

    1. Boot up the computer and log in to Windows.

    2. Download Plop Boot Manager

    3. Extract the downloaded Plop Boot Manager, go to the Windows folder, right click on InstallToBootMenu.bat and select Run as administrator.


    4. A command prompt window will open asking you to confirm adding the Plop Boot Manager to the Windows boot menu. Press the Y key and hit Enter. Then press any key to close the command prompt window.
    5. Connect the USB flash drive containing the FreeDOS and debug.exe utility which you have created based on the previous step-by-step instructions.

    6. Now restart your computer and select Plop Boot Manager from the Windows Boot Manager.
    7. Select USB from the starfield screen and the computer will amazingly boot up FreeDOS from the USB flash drive.

    Now go ahead and run the debug tool followed by the 2 commands to reset BIOS password. To remove Plop Boot Manager from the Windows Boot Manager after you have successfully reset BIOS password, simply download and install EasyBCD, run it, click the Edit Boot Menu button and delete Plop Boot Manager from the list by selecting it with your mouse and click the Delete button.

  • Add or Remove Windows Features Through the Command Prompt

    If you didn’t already know, just about all versions of Windows come with a wide array of extra features installed which most people don’t even know about or simply have no need to use, from things like the Windows and internet games to the indexing and search services and the XPS viewer. There are a number of features which most people, even power users, don’t have a great deal of use for. It does, therefore, make a bit of sense to turn these Windows features off if they are never going to be used. They can always be turned on again at a later date if required.

    The easiest way to do this and a way which is easily achievable in Windows Vista and 7, is by going to the Control Panel, clicking on ‘Programs and features’ and selecting ‘Turn Windows feature on or off’. Windows XP users can do the same by going to ‘Add or Remove Programs’ and ‘Add/Remove Windows Components’. This is fine and not difficult for the majority of people, but for the more technically minded users who are comfortable using more manual methods, there is quite an easy way to do the same thing via the Command Prompt. This obviously has an advantage in that these features can be added into scripts and batch operations.

    Unfortunately though, this option is only available natively in Windows 7. It is called the Deployment Image Servicing and Management (DISM) command and is quite powerful, performing a number of tasks and not just enabling or disabling Windows features. Although the Windows Features component is the focus here, DISM is also designed in large part for manipulating Windows images (WIMs) and injecting update packages, as well as applying unattended functions to an image, which may be covered in a later article.

    It’s no surprise that the command prompt needs to be run with Administrator rights so don’t forget to right click and ‘Run as Administrator’. You will get an ‘Error: 740’ if you forget!

    Type ‘Dism /online /get-features | more’ to get the full list of available features and whether they are currently enabled or disabled. A redirection similar to ‘>c:\dism_Features.txt’ can be appended to output the list to a text file.


    Typing ‘Dism /online /Get-FeatureInfo /FeatureName:*selected-feature*’ will give more details about the selected feature and whether it might need a system reboot after altering. NOTE: When typing in the feature name, it is case sensitive, ‘hearts’ won’t work, ‘Hearts’ will.


    Use ‘Dism /online /disable-feature /FeatureName:*selected-feature*’ to disable a selected feature. Enabling a feature again is simply changing ‘/disable-feature’ to ‘/enable-feature’ in the command. Performing several operations at once is done by appending another ‘ /FeatureName:*selected-feature*’ entry.


    The Deployment Image Servicing and Management (DISM) tool can be extremely powerful and used for an array of tasks on the local machine or for deploying custom made Windows 7 images. For some more technical reading about what it can do, there is a reference document over at Microsoft Technet.
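The feature listing saved with the redirection described above can be used to build the disable command. The following is an added example, not code from the original article: it parses that listing, resolves each requested name to the exact capitalisation DISM reports (feature names are case sensitive) and builds one command with a /FeatureName entry per feature that is currently enabled. The listing and the list of unwanted features are constructed samples.

```python
# Constructed sample in the layout that 'Dism /online /get-features' prints.
SAMPLE_OUTPUT = """\
Deployment Image Servicing and Management tool

Feature Name : TelnetClient
State : Enabled

Feature Name : TFTP
State : Disabled

Feature Name : Hearts
State : Enabled

Feature Name : Solitaire
State : Enable Pending

The operation completed successfully.
"""

# States in which a feature is, or is about to be, switched on.
ACTIVE_STATES = ("Enabled", "Enable Pending")


def parse_features(text):
    """Return {feature name: state}, keeping DISM's exact spelling of each name."""
    features, name = {}, None
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        if not sep:
            continue
        label, value = label.strip(), value.strip()
        if label == "Feature Name":
            name = value
        elif label == "State" and name is not None:
            features[name] = value
            name = None
    return features


def disable_command(text, unwanted):
    """Build one Dism command for every unwanted feature that is active.

    Returns (command or None, requested names that are not in the listing).
    """
    features = parse_features(text)
    by_folded = {name.casefold(): name for name in features}
    targets, unknown = [], []
    for wanted in unwanted:
        exact = by_folded.get(wanted.casefold())
        if exact is None:
            unknown.append(wanted)      # misspelled or not part of this image
        elif features[exact] in ACTIVE_STATES:
            targets.append(exact)       # use DISM's own capitalisation
    if not targets:
        return None, unknown
    switches = " ".join("/FeatureName:" + name for name in targets)
    return "Dism /online /disable-feature " + switches, unknown


if __name__ == "__main__":
    # Hypothetical list of features this machine should not have enabled.
    command, unknown = disable_command(
        SAMPLE_OUTPUT, ["telnetclient", "tftp", "hearts", "SimpleTCP"])
    print(command)
    print("not found in listing:", unknown)
```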