Top 3 Useful Windows Commands for Desktop Support technicians

Windows 10 21H1

The Command Line

Most user don’t understand just how powerful the command line can be.  In tech, and also in my job I have to diagnose and troubleshoot several different types of issues.   I’m going to show you my top 3 commands that I use in Windows and why.  Not everything is straight forward but It will help  you understand why.   We’ll talk about these and why they are so useful and powerful.  Use these as you see feet but you will need to run the command line as Admin.   How to do that is simple, for most.

WINDOWS Key + S and type cmd but don’t hit enter.

Click on Run As administrator

Once you do that you will see the usual Command line windows appear.   We won’t go into detail about that but if you want to learn more about it.  There are several YouTube videos about it.  I’m not going to talk about those because other’s have but I will talk about the commands I use most often in my work.

Deployment Image Servicing and Management (DISM)

For any businesses that use their own images for windows or has a need to deploy Windows a certain this can be a handy little tool for when the image might need to be repair, or something might need to be added.    You can add and remove drivers to an offline image or you can do many different things to it.   However I will be talking about the repairing of the image because most of the time we have Hard drives that are mechanical and that can cause problems for the OS when the system get’s corrupt files or hard drive has bad sectors.   Each one of these scenarios can make it even harder for applications to work properly and that is why I use this with systems that have those types of hard drives.   My go to is always going to be this when I suspect the hard drive might be the cause of the issue.

DISM /Online /Cleanup-Image /RestoreHealth

You can run this command and see the progress but this isn’t the only command that helps with troublesome Hard drives.

System File Checker (SFC)

This is another good tool for those who might have issues with the system hard drive or even when you suspect something is corrupt.   I use this from time to time just like DISM for when there is something that isn’t right about the hard drive.   If you use this also with DISM you will see a noticeable improvement of your system response.   You will see that it will be quite handy for those times when you have to get data off the drive before it dies completely.

SFC /scannow

If you run this in command line and wait you will see if it finds bad files or it will tell you what it found.  It won’t be a very informative but it will help.

Check Disk Utility

The Windows Check Utility is the last one of the three that I most often. It helps to check sectors and to check the health of the system and also fixes most of the problematic issues of mechanical hard drives.  So when I says this it can be used on SSD and even NVME but it does his best job on hard drives that have spinning parts.   Most users don’t understand about the volatility of the mechanical hard drive.   So it is very useful to check the disk and make sure there are not bad sectors or fix bad area’s of the hard drive.  This one will need to be rebooted to allow it to be used to its fullest but it is a handy little command when you want to make double sure that you will be able to keep Windows running.

chkdsk [DRIVE] /f

You can tell it multiple drives or just the main drive which would be C: but be warned the bigger the HDD the longer it will take to scan it.  You will also need to reboot to have it do it’s job because it needs to un-mount the drive, if you choice to do the C: drive.   It has in the past helped me out in many different situations and that is why I use these three commands a lot for my job.

What are your favorite commands to use in command line or in Windows General.  I’d like to hear them and find out more useful commands that might help me in my job.   Why not leave a comment and let everyone know.

 

Microsoft Defender Borks up the Start menu icons

microsoft, update, software, developer, automatic, icon, laptop, device, wireless, network, it, logo, ms, business, windows, operating system, os, computer, color, line, font, area, technology, product, angle, wing, graphics, mat, Free Images In PxHere

Photo by mohamed_hassan from PxHere

Microsoft Creates issues

This all started on Friday the 13th, 2023. We all started getting tickets galore for this issue, when we first saw this issue we thought it mgiht be something to do with company’s policies being changed and someone didn’t do their job testing it. Being that I am doing my job and trying to solve the issues that are at hand, I didn’t think twice that it was more globally than just our little corner of the company. As we get back into the office Monday we get even more of these tickets where the icons have disappeared and the little work around we sent out friday night still hasn’t solve some of the issues. Icons from all sorts of places have disappeared including stuff I didn’t even think would happen.

Well there it is, it seems Microsoft released an update that caused all the icons to disappear or not to function at all. I’ve been dealing with this issue for the past 5 days as our company scrambles to get the issue resolved for their employees. We’ve learned a few things and I will be glad to share it with you.

Icon restoration

There are several ways I’ve found that works to help restore the icons in the Start Menu.   One of the easiest way is to go to “Add and remove programs” and modify the app that isn’t showing up and Repair or reinstall if that is the option.  This is what we had to do at our location but that isn’t all we are having to do.  We are also having to do this for like Adobe and even Office 2016 but I am sure this affects all versions of Office.

Other ways you can restore icon is to registry edit the default icons and make them get repopulated with the right Icons.  I even go into default apps and reset that to help push the apps back into place.

Another way people have found tofix this issue at least with Office apps is to run it siliently and let it repair it selve in the background:

“C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe” scenario=Repair platform=x86 culture=en-us DisplayLevel=False

Microsoft Defender

According to Microsoft it was a the Microsoft Defender ASR rules that caused all this in the first place.   I don’t Know how many IT Admins are happy right now, I am sure not because of all this that happened but It really makes you wonder how this got past the pre-test phase and how anyone would push out an update like this that caused so much trouble.

Many people are wondering how this happened but My real question is will it happened again.  This isn’t going to be a big post but a short one to help those fix the issue at hand and hopefully we get it solved as quickly as possible and everyone get’s back to a normal routine.

The Prevailing winds of the Lastpass Breach — How it affects you!

hacking, cyber, security, hacker, technology, web, coding, internet, face, mask, identity, hack, virus, danger, protection, anonymous, code, crime, criminal, firewall, illegal, password, spy, stealing, thief, illustration, font, graphic design, art, graphics, clip art, Free Images In PxHere

Photo by mohamed_hassan from PxHere

Understanding the Lastpass Breach

Let us be clear about this, people really don’t truly understand what is going on with this breach.   It however will not stop the threat actors from taking control of your data if they get a chance.   This means they will go after the websites you will visit or maybe impersonate you in some way to get the access they are seeking.   Either way it isn’t like we can just sit back and do nothing.

“It is possible to crack those passwords,” Melissa Bischoping, director of endpoint security research at Tanium, said via email. “Instead of running the math to determine how complex your password would be to crack with modern equipment, it’s best to go ahead and do some credential hygiene.” — CyberSecurity Dive

Credential hygiene is necessary in our day to day routines because it helps stops theft of our accounts and our personal information.  However that doesn’t that the Meta data associated with your vault was encrypted, in fact it wasn’t and can be used to exploit this issue.   So even if they don’t brute force yoru password vaults, they can do fishing or means to get the access they are seeking so they can get even more information about you to use against you.

The Lingering effects of Password Managers

Password managers are a necessity in today’s time because of the all too common breaches.  Even if Lastpass wasn’t breached, some other site or sites would of breached and you’d still have to change your password or add multi-authenticator access to prevent any authorized access.  This goes without saying, we will see other breaches and it will not just be Lastpass.   Sooner or later some other Password manager will be a target and we will see this again but that shouldn’t deter you from using a Password manager it is the one tool we will always need to create even better Passwords than we could by our selves.    Although Many in the Security field are advicing users to go to another Password Manager.  I too have not like the taste of what Last Pass has done.  They way they made it sound less important that it truly is but that just might be because they’re lawyers got involved.   Either way I will suggest three things to better help you even if you keep Last pass.

  1.  Check your interations and make sure you have them high.   I think the minium we should have is over 500,000 interations to make sure they can’t be hacked the next time as easily.   Also if they are low, now is a good time to bump them up even though it makes you more of a target right now.  This will help in the future, in case there is another breach.
  2. Change all your imporant sites passwords, don’t just wait to get hacked might as well go through and see which sites you are truly using right now and go ahead and change your password and if you can add an authentication method to help protect you incase there is another hack down the road.
  3. Create a new masterpassword which isn’t anywhere close to what you have now.  If you can create your own acronym with a minium of 12 digits that would help. (What is an acronym?)  I suggest not using the most common acronyms but creating one that you can only remember and use that.   It may take some time but it could be something you have to say everytime you type in on your computer, just don’t let everyone else hear it.

Those Password Managers

Finally, let’s talk about your choices in this matter. Even though I talked about this in the previous post, we should at least look at the ones that might want to go another service.  Here are a few of them that I saw around the internet:

  • Bitwarden  — This is the one I perfer to go to because it is so opened sourced and you have several options to choice from.   It is where a lot of people are going right now after the LastPass Breach, I am sure of it.
  • 1Password —  This one I only know about through what i’ve heard.  I’ve heard good things about this but there are not many options to those who are wanting free.   This is good because they’ve been in this for quite sometimes.  I’ve heard of this company for MANY years and still has some great value to give to their users.
  • Dashlane — I’ve never heard of this product but it comes highly recommended by other because of how security focused they are.  You will have to pay a yearly subscription fee and there is only a demo version that means you do not have a free version.
  • Roboform — I’ve talked about Roboform way in the past and still it was a very useful password manager when I was using them 10 or so years ago.  So they must ast least be doing something right to still be in the business.   I haven’t explored them lately but I might just do that again to see how they are doing.

As you can see you have several choices to choose from if you decide you want to get away from Lastpass but ultimately you will have to decide what you want to do.  I am still going to possibly go to Bitwarden because of the open source or I might go back th Roboform if I can find my license that i had with them in the past.  I haven’t really decided I think Bitwarden would be my best choice because I know people can look at their code and help keep my passwords secure.   Are you planning on changing or staying with Lastpass?  Who will you be going to if you are going to change Password Managers?  Why not leave a comment and tell me your options.  I’d love to hear them and find out exactly what you are thinking about this LastPass breach.

Is it time to say NO to LastPass?

Lastpass Recent Incident

Lastpass in the recent has been an excellent password manager and I was one of the many supporters.   The problem with it now is that it is going down hill.   They seem to not want everyone to know just how severe this incident is and have not really done the job that we should of expected.   In December they sent out a small notice to people and reference their blog post.   Who is going to go look at a blog post around Christmas.   I sure as heck was to busy with other stuff to worry about a small email telling people to check out the blog post.   LastPass you should of done better and put out the warning bells for everyone to know just how much you screwed up.

In there blog post:

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

Vault and Robbers

You see this isn’t very nice how much information they didn’t send out on the email.  This should of been “Danger, Will Robinson, Danger!” type of warning.  Yet, Lastpass didn’t sound the alarm.  Shame on you for not doing the right thing.   As you can see they got your vault data and mine, althought they can’t really use it without the master password but it is only going to take time and then they will have all our passwords for sites across the internet.   There’s the problem they don’t seem to care that it got out.   The threat actors will use GPU’s and other hardware to finally figure out one user at a time their passwords and it could be years before they get to yours or it could be next month depending on how good you Master Password was.   Was it long or was it Short?  What about enterations?  Did you bump it up to keep it from getting hacked and making it harder for them to figure out your Master Password?

The threat actor may attempt to use brute force to guess your master password and decrypt the copies of vault data they took. Because of the hashing and encryption methods we use to protect our customers, it would be extremely difficult to attempt to brute force guess master passwords for those customers who follow our password best practices.

As you can see even Lastpass has stated they will eventually do that to each and every vault password they can, but did you their suggestions?  Probably not and I wouldn’t blame you because we don’t always have time to keep track of what they recommend.

They claim it could take thousand of years for threat actors to crack the Master Password:

f you use the default settings above, it would take millions of years to guess your master password using generally-available password-cracking technology.

However that isn’t alwasy true if they have enough computers put enough effort into cracking a vault it could be sooner and not later.   The way technology is growing and the speeds of comptuer now would mean threat actors could start usurping people processing powers and have thousands of computers world wide to crack the Master Password keys.   That is how Bitcoin came into being but we wouldn’t know it until it could be too late.

Is it time to switch to another Password Manager?

I’m inclined to switch to Bitwarden just because it is open sourced and I really feel like at least I won’t have to worry about my passwords being leaked.   I will also probably go through every site that I visit and change my password and also use 2FA (2nd Factor Authentication) to prevent threat actors from taking control of my accounts.   I’m going to explore my options but I am more and more thinking about going somewhere else where my data can be safer than with Lastpass.  What’s your throughts on this?  are you staying with LastPass or are you Planning to go somewhere else?

The Last of Us Is Coming to Steam Deck

Last of Us on Steam

Steam and Steam Deck

This is one of those games that has been out for years. I won’t say it hasn’t been something that I look forward to play.  It has some graphical scenes but that goes along with the zombie apocolypses that you see every time in movies and shows.   This popped up on my radar last week when I saw this over the weekend on some social media.  I thought they were kidding so I went did some searching and it is comign to the Steam.  I can imagine it will also be coming to the Steam Deck because of how old the game is.   It’s is almost a 10 year old game but has been remastered to work with the Playstation 4 and Playstation 5.   With all this in the air, I am fairly certain it wil work on the Steam Deck out of the gate as it is released.  Even the newer versions of the game doesn’t require as much as Spiderman game.  Which I love to play on my PC or Steam Deck when I am on long car rides.  I can’t see this not being released to the Steam Deck.

Pre-orders 

It is currently on preorder for the game.  It will cost people $59.99 and it looks to be very interested when they finally release it.  I have heard this game has some great story lines and will be like Laura Croft to a point so that much will always keep me going with puzzles and being able to explore the worlds.   I’ve watch people play through the game from time to time on Youtube and it looks to be insteresting.  I have already put my money down for Pre-order since I don’t have a playstation.   My Steam Deck is ready to recieve the game once it is released.  I suspect the first week or two there may be problems with the Steam Deck but I am hopeful that they will fix them quickly enough.

March 3, 2023

That the time it is set to be released on Steam, I am hopeful they don’t delay it because this will be so helpful on my next trip in April that I am all set to go. I will have several hours to waste while traveling and this game will be my game to play to keep my busy while traveling.  I suspect this will be a 30 or 50 Gb download and install on any system.  So i will be keeping that much ready to be downloaded to my Steam deck.   I also have found a really small portable dock that I can take with me.   I’ve found it around town.  It’s Call the Gizmovine USB-C hub and it is currently not available on Amazon.  I guess you can go to Newegg and buy it if you want to pay more for it.  I do wonder if I can find more of these these hubs to use for later.   Small Post about this upcoming game.

Are you planning to buy this game or do you think it is worth the 60$ price range?  Let me know what you think and tell me if you have played this before.  Thanks.