Categories
Win 7 Windows 7

Windows Update error 80072efd on Windows 7

For a couple months now I haven’t been able to update my precious Windows 7.  I would get a message that the updates failed with, “Windows Update error 80072efd.”  I tried all the steps from the Windows Help and Support window (running the Windows Update troubleshooter and adding the Windows Update websites to the Windows firewall exception list) to no avail.  Out of desperation I found a reference to correct this problem on Vista by running netsh winhttp reset proxy.  It worked!

Open a command prompt as administrator (Start / All programs / Accessories, right-click “Command Prompt” and select “Run as administrator”).

At the command prompt run:

netsh winhttp reset proxy

Try Windows Update update again.

Categories
Command Prompt run as administrator Windows 2008 Windows 7 Windows Vista

Open a Command Prompt as Administrator in Windows 7, Vista and Windows 2008

Often, even if you are logged on as a user which belongs to the local Administrators group, you may have to open a command prompt (or other program) as “administrator.”  Simply right-click the shortcut (Start, All Programs, Accessories, Command Prompt) and select Run As Administrator.

Applies to:

  • Windows 7
  • Windows 2008
  • Windows Vista
Categories
Windows 7 Windows Task Manager Windows Vista

Keyboard Shortcut to open Windows Task Manager in Windows 7 and Vista

Microsoft changed things up again. Back in the day (Windows 2000, 2003, XP, etc.) you could easily open Windows Task Manager using Ctrl + Alt + Del, then pressing T.  Now in Windows 7 and Windows Vista you can still use Ctrl + Alt + Del which displays a screen whith options like Lock this Computer, Switch User, Log Off, Change Password, and Start Task Manager.  However, pressing T does nothing, and in fact, no keyboard shortcuts work on this screen to choose one of the items from the list – even tab and arrow keys don’t let you pick from the list.  You have to use your mouse pointer.  Stupid, stupid, STUPID!  Way to go Microsoft!

So to launch Task Manager in Windows 7 and Vista you would have to go through this double step process of pressing Ctrl + Alt + Del, then reaching over to your mouse and clicking on Start Task Manager.  I can understand Microsoft trying to make things easier for new users and for the masses.  But for heaven’s sake please leave old keyboard shortcuts in place for those of us who have been using Windows for a while.

Enough ranting and raving.  Although this has probably been the case all along (this old dog had to learn a new trick), you can use Ctrl + Shift + Esc to open Task Manager directly and bypass the hassle and frustration introduced by MS with Vista.

Categories
IIS 6 IIS 7 Windows 2003 Windows 2008 Windows 7 Windows Vista

Restarting IIS using the command-line

You can restart IIS and disable Reliable Restart using the command prompt and Iisreset.exe. See the following command-line usage and parameters.

iisreset [computername]
 
/RESTART Stop and then restart all Internet services.
/START  Start all Internet services.
/STOP Stop all Internet services.
/REBOOT  Reboot the computer.
/REBOOTONERROR   Reboot the computer if an error occurs when starting, stopping, or restarting Internet services.
/NOFORCE Do not forcefully terminate Internet services if attempting to stop them gracefully fails.
/TIMEOUT:val Specify the timeout value (in seconds) to wait for a successful stop of Internet services. On expiration of this timeout the computer can be rebooted if the /REBOOTONERROR parameter is specified. The default value is 20s for restart, 60s for stop, and 0s for reboot.
/STATUS Display the status of all Internet services.
/ENABLE  Enable restarting of Internet Services on the local system.
/DISABLE Disable restarting of Internet Services on the local system.

Example (restart IIS on local computer):

iisreset /restart

Categories
BSOD Command Prompt cscript Linux systeminfo Windows 2008 Windows 7 Windows Vista WMI wmic

Find Last Reboot Time in Windows 7, Vista and Windows 2008

Have you ever wanted a quick and easy way to know how long your Windows 7 (or Vista or Windows 2008 server) system has been running?  When it was last restarted or rebooted?  There are a few easy ways this can be done, most from the Windows command line.  So open a Windows command prompt and choose the one that works best for you.  (Most of these commands work with Windows XP, Windows 2003, 2000, etc.  See notes below for specifics.)

  • This first way will display how long the network service has been running.  Generally this will be very close to the same amount of time (within a minute or two) as Windows has been running.  It won’t be accurate if you restart the network service.
    Note: I listed this first because it’s the one I usually use.

    From a command prompt window run the following (the ‘S’ in ‘Statistics’ must be capitalized):

net statistics workstation | find "Statistics"

You can shortcut it as well using:

net stats work | find "Stat"

Result:

Or ever shorter use either of the following:

net stats work
netstats work |more

  • This next method uses the command ‘systeminfo.’  Again from a command prompt run (make sure to capitalize ‘S’, ‘B’ and ‘T’:

systeminfo | find "System Boot Time"

Result:

You can use the following on XP, Windows 2003 and earlier (however this will give only the length of uptime and not the system boot time):

systeminfo | find "Up Time"

  • The third method uses WMI, more specifically wmic (Windows Management Instrumentation Command-line), but the output is a little cryptic:

wmic OS Get LastBootUpTime

Result: 20091220133343.981621-300, which can be intrepreted as year 2009, month 12, day 20, hour 13 (or 1:00 PM), minute 33, etc.  Note: be careful as this may be displayed as UTC time depending on your system – like with Amazon EC2 virtual servers for example.

  • You can always use the system event log (this only works on 2003/XP or older).  Of course, you could go to Control Panel and browse through the system event log, but let’s do it through the command line with:

cscript c:windowssystem32eventquery.vbs /fi "ID eq 6005" /l system

Over the years I have found system event log event 6005, “The Event log service was started.” to be the the most consistent entry after a computer restarts, even from a power outage, BSOD or other event.  This command will also give you a history of system startups listed in the System event log.

  • Finally, you can use this handy PowerShell script:
    Get-WmiObject Win32_NTLogEvent -filter "LogFile='System' and EventCode=6005" | Format-Table ComputerName, EventCode, Message, TimeWritten

Just like with anything there are many ways to skin this cat, so choose your favorite one (or two to double-check data) and go for it.

Categories
Hibernate Linux Windows 7

How to Enable or Disable Hibernate in Windows 7

The hibernate feature allows operating system to save and write the running state and contents of RAM as a file (c:hiberfil.sys) or partition to non-volatile storage such as a hard disk, before powering off the computer. Hibernation allows system to quickly restart and restore to the previous state when hibernation was invoked, instead of having to shut down, then restart applications.

In Windows 7, the hibernate option should be enabled by default, However, if you can’t find Hibernate option in the Start menu / power button, it can easily be enabled.  This works in Windows Vista, Windows 2008, 2003, etc.

How to Turn On or Enable Hibernate in Windows 7

  1. Open an elevated Command Prompt with administrator rights by typing cmd in Start / Search, and then hit Ctrl + Shift + Enter keyboard shortcut.  Or, select Run as Administrator from the cmd in search results or Start, Programs, Accessories, cmd.
  2. Type the following command, and hit Enter:

powercfg /hibernate on

The hibernate option should now be available in the Start menu, power button.

How to Turn Off and Disable Hibernate in Windows 7

  1. Open an elevated Command Prompt with administrator rights by typing cmd in Start / Search, and then hit Ctrl + Shift + Enter keyboard shortcut.  Or, select Run as Administrator from the cmd in search results or Start, Programs, Accessories, cmd.
  2. Type the following command, and hit Enter:

powercfg /hibernate off

Note: Windows does not support hibernation on system with 4GB or more RAM memory.

Related

Categories
Linux Notepad++ Windows 7

Add “Open with Notepad++” to the Context Menu for All Files in Windows 7

Having the context menu option, “Open with Notepad++” (my favorite FREE Windows text editor) is invaluable, making it easy to quickly and easily open files with just a (right) mouse click or two.

This registry hack is nothing new, it’s been around forever… think of this as a refresher course. Also note that you can use this same technique to substitute any other application that you’d like by adjusting the path in the registry to point to the different editor or to add other “open with” Context Menu options.

Registry Hack
Open regedit.exe and navigate to the following key:

HKEY_CLASSES_ROOT*shell

  • Right-click on “shell” and choose to create a new key, calling it “Open with Notepad++”. 
  • Create a new key below that one called “command”.
  • Double-click on the (Default) value in the right-hand pane and enter in the following:

C:Program Files (x86)Notepad++notepad++.exe %1

NOTE: your path may be different.

The change should take effect immediately.  Now you can right-click on any file and you’ll see the new “Open With Notepad++” menu entry.

Download Registry Hack
Just copy the following and save it to a file with a .reg extension.  Double-click the file and import to your registry.

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT*shellOpen With Notepad++]

[HKEY_CLASSES_ROOT*shellOpen With Notepad++command]
@=”C:\Program Files (x86)\Notepad++\notepad++.exe %1″

NOTE: This will work on previous Windows versions as well – Vista, Windows 2008, Windows 2003, etc.

Categories
Linux Quick Launch shortcut Show Desktop Windows 7 Windows Vista

How To: Create A Show Desktop Shortcut on Windows 7 and Vista

While Windows 7 (and Vista, if I remember right) does have a “Show Desktop” shortcut – it’s in the system tray, to the right of the clock – you may long for the days when it was in the Quick Launch toolbar like in XP or Windows 2003.

Not to fear.  You can easily create a show desktop shortcut and place it anywhere you’d like.

Open your favorite text editor and type the following code:

[Shell]
Command=2
IconFile=explorer.exe,3
[Taskbar]
Command=ToggleDesktop

Save the file as ‘Show Desktop.scf’ and make sure theat ‘All Files’ is selected in the File Type list.  Save this file on your desktop, then drag it to the Quick Launch toolbar.

If you want to customize the icon and use your own Icon instead of using the Windows default, put the path of the icon next to ‘IconFile=’ as follows:

IconFile='PATH_TO_ICON',0

See also Create Windows Shortcuts With a Script at the Command Line.

Categories
Linux sdelete Security Windows 2008 Windows 7 Windows Vista

Securely delete files in Windows

The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. Secure delete applications overwrite a deleted file’s on-disk data using techiques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. SDelete (Secure Delete) is such an application.

You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever. Note that SDelete securely deletes file data, but not file names located in free disk space.

Using SDelete
SDelete is a command line utility that takes a number of options. In any given use, it allows you to delete one or more files and/or directories, or to cleanse the free space on a logical disk. SDelete accepts wild card characters as part of the directory or file specifier.

Usage: sdelete [-p passes] [-s] [-q]
sdelete [-p passes] [-z|-c] [drive letter]

-c Zero free space (good for virtual disk optimization).
-p passes Specifies number of overwrite passes.
-s Recurse subdirectories.
-q Don’t print errors (quiet).
-z Cleanse free space.

How SDelete Works

Securely deleting a file that has no special attributes is relatively straight-forward: the secure delete program simply overwrites the file with the secure delete pattern. What is more tricky is securely deleting Windows NT/2K compressed, encrypted and sparse files, and securely cleansing disk free spaces.

Compressed, encrypted and sparse are managed by NTFS in 16-cluster blocks. If a program writes to an existing portion of such a file NTFS allocates new space on the disk to store the new data and after the new data has been written, deallocates the clusters previously occupied by the file. NTFS takes this conservative approach for reasons related to data integrity, and in the case of compressed and sparse files, in case a new allocation is larger than what exists (the new compressed data is bigger than the old compressed data). Thus, overwriting such a file will not succeed in deleting the file’s contents from the disk.

To handle these types of files SDelete relies on the defragmentation API. Using the defragmentation API, SDelete can determine precisely which clusters on a disk are occupied by data belonging to compressed, sparse and encrypted files. Once SDelete knows which clusters contain the file’s data, it can open the disk for raw access and overwrite those clusters.

Cleaning free space presents another challenge. Since FAT and NTFS provide no means for an application to directly address free space, SDelete has one of two options. The first is that it can, like it does for compressed, sparse and encrypted files, open the disk for raw access and overwrite the free space. This approach suffers from a big problem: even if SDelete were coded to be fully capable of calculating the free space portions of NTFS and FAT drives (something that’s not trivial), it would run the risk of collision with active file operations taking place on the system. For example, say SDelete determines that a cluster is free, and just at that moment the file system driver (FAT, NTFS) decides to allocate the cluster for a file that another application is modifying. The file system driver writes the new data to the cluster, and then SDelete comes along and overwrites the freshly written data: the file’s new data is gone. The problem is even worse if the cluster is allocated for file system metadata since SDelete will corrupt the file system’s on-disk structures.
The second approach, and the one SDelete takes, is to indirectly overwrite free space. First, SDelete allocates the largest file it can. SDelete does this using non-cached file I/O so that the contents of the NT file system cache will not be thrown out and replaced with useless data associated with SDelete‘s space-hogging file. Because non-cached file I/O must be sector (512-byte) aligned, there might be some left over space that isn’t allocated for the SDelete file even when SDelete cannot further grow the file. To grab any remaining space SDelete next allocates the largest cached file it can. For both of these files SDelete performs a secure overwrite, ensuring that all the disk space that was previously free becomes securely cleansed.

On NTFS drives SDelete‘s job isn’t necessarily through after it allocates and overwrites the two files. SDelete must also fill any existing free portions of the NTFS MFT (Master File Table) with files that fit within an MFT record. An MFT record is typically 1KB in size, and every file or directory on a disk requires at least one MFT record. Small files are stored entirely within their MFT record, while files that don’t fit within a record are allocated clusters outside the MFT. All SDelete has to do to take care of the free MFT space is allocate the largest file it can – when the file occupies all the available space in an MFT Record NTFS will prevent the file from getting larger, since there are no free clusters left on the disk (they are being held by the two files SDelete previously allocated). SDelete then repeats the process. When SDelete can no longer even create a new file, it knows that all the previously free records in the MFT have been completely filled with securely overwritten files.

To overwrite file names of a file that you delete, SDelete renames the file 26 times, each time replacing each character of the file’s name with a successive alphabetic character. For instance, the first rename of “foo.txt” would be to “AAA.AAA”.

The reason that SDelete does not securely delete file names when cleaning disk free space is that deleting them would require direct manipulation of directory structures. Directory structures can have free space containing deleted file names, but the free directory space is not available for allocation to other files. Hence, SDelete has no way of allocating this free space so that it can securely overwrite it.


Download SDelete
(47 KB)

Categories
Command Prompt Linux Win 7 Win7 Windows Windows 7 Windows Vista Windows7

Getting the Most out of Windows Command Prompt

If you are like me you use the command prompt a lot.  It seems each time I logon to a new system I have to setup the command prompt just the way I want.  The first thing I do is create a shortcut in the Quick Launch toolbar.  Next I modify that shortcut so it will better suit my needs.

Right-click the shortcut and select Properties.  On the Shortcut tab add ” /f:on” (without the quotes) to the Target – make sure there is a space between cmd.exe and /f:on, and if cmd.exe ends with a quote place the /f:on outside the quotes. This will enable file and directory name completion characters – you can use Ctl + d for directories and Ctl + f for files.  I also like to set the Start In target to C:.

Click the Options tab.  I like to increase the command history buffer to at least 100, this is especially useful if you have a command prompt open for a long time and want to scroll back through your previous commands.  Check discard old duplicates to, well, do just that.  And check QuickEdit mode.  This is a great one as it enables selecting text directly and pasting directly (with right-click) without having to right-click and select copy and/or paste.

Personally I don’t change the fonts or colors, but you may prefer different settings.  Play around, have fun.

Now click the Layout tab.  I normally increase the height and width of the window size a bit, especially with today’s higher resolution monitors.  And I definitely increase the screen buffer size height, usually to a couple thousand or more.  Make sure to increase the screen buffer width to at least match that of your window size width.

I usually leave “Let System Position Window” checked so Windows will tile subsequent command prompt windows:

See also:

CMD.exe /? (help) in Windows 7
Starts a new instance of the Windows command interpreter

CMD [/A | /U] [/Q] [/D] [/E:ON | /E:OFF] [/F:ON | /F:OFF] [/V:ON | /V:OFF] [[/S] [/C | /K] string]

/C      Carries out the command specified by string and then terminates
/K      Carries out the command specified by string but remains
/S      Modifies the treatment of string after /C or /K (see below)
/Q      Turns echo off
/D      Disable execution of AutoRun commands from registry (see below)
/A      Causes the output of internal commands to a pipe or file to be ANSI
/U      Causes the output of internal commands to a pipe or file to be Unicode
/T:fg   Sets the foreground/background colors (see COLOR /? for more info)
/E:ON   Enable command extensions (see below)
/E:OFF  Disable command extensions (see below)
/F:ON   Enable file and directory name completion characters (see below)
/F:OFF  Disable file and directory name completion characters (see below)
/V:ON   Enable delayed environment variable expansion using ! as the
        delimiter. For example, /V:ON would allow !var! to expand the
        variable var at execution time.  The var syntax expands variables
        at input time, which is quite a different thing when inside of a FOR
        loop.
/V:OFF  Disable delayed environment expansion.

Note that multiple commands separated by the command separator ‘&&’
are accepted for string if surrounded by quotes.  Also, for compatibility
reasons, /X is the same as /E:ON, /Y is the same as /E:OFF and /R is the
same as /C.  Any other switches are ignored.

If /C or /K is specified, then the remainder of the command line after
the switch is processed as a command line, where the following logic is
used to process quote (“) characters:

    1.  If all of the following conditions are met, then quote characters
        on the command line are preserved:

        – no /S switch
        – exactly two quote characters
        – no special characters between the two quote characters,
          where special is one of: &<>()@^|
        – there are one or more whitespace characters between the
          two quote characters
        – the string between the two quote characters is the name
          of an executable file.

    2.  Otherwise, old behavior is to see if the first character is
        a quote character and if so, strip the leading character and
        remove the last quote character on the command line, preserving
        any text after the last quote character.

If /D was NOT specified on the command line, then when CMD.EXE starts, it
looks for the following REG_SZ/REG_EXPAND_SZ registry variables, and if
either or both are present, they are executed first.

    HKEY_LOCAL_MACHINESoftwareMicrosoftCommand ProcessorAutoRun

        and/or

    HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorAutoRun

Command Extensions are enabled by default.  You may also disable
extensions for a particular invocation by using the /E:OFF switch.  You
can enable or disable extensions for all invocations of CMD.EXE on a
machine and/or user logon session by setting either or both of the
following REG_DWORD values in the registry using REGEDIT.EXE:

    HKEY_LOCAL_MACHINESoftwareMicrosoftCommand ProcessorEnableExtensions

        and/or

    HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorEnableExtensions

to either 0x1 or 0x0.  The user specific setting takes precedence over
the machine setting.  The command line switches take precedence over the
registry settings.

In a batch file, the SETLOCAL ENABLEEXTENSIONS or DISABLEEXTENSIONS arguments
takes precedence over the /E:ON or /E:OFF switch. See SETLOCAL /? for details.

The command extensions involve changes and/or additions to the following
commands:

    DEL or ERASE
    COLOR
    CD or CHDIR
    MD or MKDIR
    PROMPT
    PUSHD
    POPD
    SET
    SETLOCAL
    ENDLOCAL
    IF
    FOR
    CALL
    SHIFT
    GOTO
    START (also includes changes to external command invocation)
    ASSOC
    FTYPE

To get specific details, type commandname /? to view the specifics.

Delayed environment variable expansion is NOT enabled by default.  You
can enable or disable delayed environment variable expansion for a
particular invocation of CMD.EXE with the /V:ON or /V:OFF switch.  You
can enable or disable delayed expansion for all invocations of CMD.EXE on a
machine and/or user logon session by setting either or both of the
following REG_DWORD values in the registry using REGEDIT.EXE:

    HKEY_LOCAL_MACHINESoftwareMicrosoftCommand ProcessorDelayedExpansion

        and/or

    HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorDelayedExpansion

to either 0x1 or 0x0.  The user specific setting takes precedence over
the machine setting.  The command line switches take precedence over the
registry settings.

In a batch file the SETLOCAL ENABLEDELAYEDEXPANSION or DISABLEDELAYEDEXPANSION
arguments takes precedence over the /V:ON or /V:OFF switch. See SETLOCAL /?
for details.

If delayed environment variable expansion is enabled, then the exclamation
character can be used to substitute the value of an environment variable
at execution time.

You can enable or disable file name completion for a particular
invocation of CMD.EXE with the /F:ON or /F:OFF switch.  You can enable
or disable completion for all invocations of CMD.EXE on a machine and/or
user logon session by setting either or both of the following REG_DWORD
values in the registry using REGEDIT.EXE:

    HKEY_LOCAL_MACHINESoftwareMicrosoftCommand ProcessorCompletionChar
    HKEY_LOCAL_MACHINESoftwareMicrosoftCommand ProcessorPathCompletionChar

        and/or

    HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorCompletionChar
    HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorPathCompletionChar

with the hex value of a control character to use for a particular
function (e.g.  0x4 is Ctrl-D and 0x6 is Ctrl-F).  The user specific
settings take precedence over the machine settings.  The command line
switches take precedence over the registry settings.

If completion is enabled with the /F:ON switch, the two control
characters used are Ctrl-D for directory name completion and Ctrl-F for
file name completion.  To disable a particular completion character in
the registry, use the value for space (0x20) as it is not a valid
control character.

Completion is invoked when you type either of the two control
characters.  The completion function takes the path string to the left
of the cursor appends a wild card character to it if none is already
present and builds up a list of paths that match.  It then displays the
first matching path.  If no paths match, it just beeps and leaves the
display alone.  Thereafter, repeated pressing of the same control
character will cycle through the list of matching paths.  Pressing the
Shift key with the control character will move through the list
backwards.  If you edit the line in any way and press the control
character again, the saved list of matching paths is discarded and a new
one generated.  The same occurs if you switch between file and directory
name completion.  The only difference between the two control characters
is the file completion character matches both file and directory names,
while the directory completion character only matches directory names.
If file completion is used on any of the built in directory commands
(CD, MD or RD) then directory completion is assumed.

The completion code deals correctly with file names that contain spaces
or other special characters by placing quotes around the matching path.
Also, if you back up, then invoke completion from within a line, the
text to the right of the cursor at the point completion was invoked is
discarded.

The special characters that require quotes are:
    
     &()[]{}^=;!’+,`~