• Review: FixWin – repair common Windows 7 (and Vista) issues and problems

    Today I was looking at the FixWin tool to see how easily it can help us with minor issues and problems on our Windows 7/Vista operating systems.

    According to the description on thewindowsclub.com, this utility can help you refresh the Recycle Bin, re-enable the right-click context menu in Internet Explorer, or re-enable Task Manager, cmd or the Registry Editor after a malware attack…

    The first window of FixWin explains that a System File Checker run (sfc /scannow) and a Restore Point should be done before any further action. If you have run sfc and created the restore point and your issue is still there, you can start by looking at the left side of FixWin, where you’ll find five categories:

    1. Windows Explorer

    2. Internet & Connectivity

    3. Windows Media

    4. System Tools

    5. Additional Fixes.

     

    Here you have a list of all the repair options:

    Windows Explorer:

    • Recycle Bin icon missing from desktop
    • Reset Folder View settings to default
    • Game Explorer is not working
    • Enable Folder Options in Tools menu and Control Panel
    • Fix show hidden files, folders and drives. Helpful if malware has changed the settings and prevents restoration in the folder options.
    • Restore the Windows Sidebar
    • Fix Recycle Bin icon, if it does not refresh automatically anymore
    • Repair Explorer.exe so that it starts on system boot
    • Drive icons (CD, DVD, Blu-Ray) missing or not recognized by Windows or programs.
    • Fix Thumbnails not working in Windows Explorer

    Internet And Connectivity

    • Internet Explorer icon is missing on the desktop
    • Skip the Internet Explorer Run Once wizard, that sometimes appears more than once.
    • Enable access to Internet Options
    • Increase Internet Explorer maximum connections from two to download more files at once.
    • Fix ability to change homepage in Internet Explorer
    • Repair Runtime Error Dialogs appearing in Internet Explorer
    • Repair Internet Connection and reset TCP/IP settings to default values
    • Fix Font Style and Blurry Text in Source window in Internet Explorer 8
    • Reset IE settings to default
    • Enable right-click menu in Internet Explorer

    Windows Media

    • Repair An internal application error has occurred when starting Windows Media Player
    • Fix Windows Media Player stops responding after installing a third party product that registers its own wmp.dll file
    • Repair the slideshow in WMP
    • Fix missing right-click context menu entries for media files that are associated with Windows Media Player
    • Repair Windows Media Player Composition Mixer
    • Fix Windows Media Player is not installed properly and must be reinstalled
    • Reset Windows Media Library and fix library sync issues
    • Enable automatic updates for WMP
    • Flush and rebuild Windows Media Center database
    • Enable flash content to be displayed in Windows Media Player while visiting online stores or the media guide

    System Tools

    • Repair Task Manager, fix Task Manager has been disabled by your administrator.
    • Enable Command prompt, fix the command prompt has been disabled by your administrator
    • Enable Registry Editor, fix Registry Editing has been disabled by your administrator.
    • Repair MMC Snap-Ins, some viruses disable MMC Snap-Ins to prevent access to Group Policies, Local Security Policies, Disk Management and so on.
    • Reset Windows Search to default, especially helpful in Vista if the message Search Failed to Initialize appears when using search.
    • Reset System Restore to defaults. Aids for instance if the message System Restore has been turned off by group policy appears.
    • Repair the Windows Device Manager not working properly, or not showing devices.
    • Repair Windows Defender, resets all Registry settings and services to their default values.
    • Fix Action Center and Windows Security not recognizing Antivirus and Firewall, or identifying the installed software as old security software.
    • Repair the Turn Windows Features on or off dialog

    Additional Fixes

    • Repair Hibernate and Hybrid Sleep feature, fix Hibernate missing from Shutdown button options
    • Restore Windows Sidebar gadgets, if sidebar gadgets missing from Gadget panel.
    • Restore sticky notes delete warning dialog box
    • Repair Windows Update, to prevent a blank page when visiting the update page
    • Repair the help system in Windows, so that the Windows Help file opens when accessing Help.
    • Fix corrupted desktop icons, clear and rebuild corrupted icon cache and increase the icon cache limit to 5000
    • Fix Taskbar Jumplists missing or do not store MRU file lists
    • Repair Aero Snap
    • Repair Aero Shake
    • Repair Aero Peek

    One last interesting point… Not only is this software freeware, but it is just one executable, so you can carry it with you on your favorite USB key and launch it anytime!

  • TCPView: identify and close open connections on your Windows machine

    Where is your machine connecting to? Are all the connections legitimate? Is somebody connecting to your machine? It’s very important to know about the various open TCP and UDP connections, as some of them can be a clear indication that a Trojan is using your connection or that somebody is trying to access your system.

    Microsoft Windows ships with the command-line utility Netstat, which is commonly used to list all the connections open on a machine and troubleshoot them. However, its output is an old-style, text-only list of connections, so it can be hard to use or to understand clearly. That’s why the Sysinternals team at Microsoft created TCPView. This is a free program that shows you a detailed listing of all TCP and UDP endpoints exactly as Netstat would, but in a clear and easy-to-read graphical interface.

    All local and remote endpoint addresses and the state of each TCP connection are displayed.

     You can download the latest version from http://technet.microsoft.com/en-us/sysinternals/bb897437

     Starting from Windows XP (and moving through Vista, 7 or Server 2008) TCPView also reports the name of the process that owns the connection.

    TCPView

     When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names (Options -> Resolve Addresses). On Windows XP systems (or higher), TCPView shows the name of the process that owns each endpoint.

    As explained in the brief instructions that come with the application, TCPView updates every second, but you can use the Options -> Refresh Rate menu item to choose a different time (1, 2, 5 seconds or paused).

    Endpoints that change state from one update to the next are highlighted in yellow and those that are deleted are shown in red. New endpoints are shown in green.

    TCPView offers two interesting functions out of the box:

    1. Kill processes
    2. Close connections

    This means that if you identify some strange process connecting to something strange, you can close the connection and monitor the process to see whether it keeps opening the connection again, until you decide it is time to kill the process.

    Sometimes it’s good to close a connection not because a virus or Trojan opened it, but because an application can go into a “Not Responding” state while waiting for incoming data from a network source that is unreliable or is taking too long to answer. If you just close the connection, there is a good chance that the process will return to a “responding” state and you won’t lose data, as you would if you had killed the process instead.

    When you right click on a process/connection, you’ll see a small menu that will give you the option to Kill the process or Close the connection.

    Another option you may appreciate in the context menu is “Whois”. If you want more info on the remote server, choose this option and TCPView will look up the Whois information on the Internet.

    Please note that I’ve noticed that if you are using a Proxy Server or VPN connection, the Whois option is not available. In this case, you’ll have to do the Whois manually, then…

    For troubleshooting purposes you should consider enabling the option “Show Unconnected Endpoints” under the Options menu (or by pressing Ctrl+U). With this option enabled, you’ll see not only the existing connections but also which ports are open on your system. You may discover that something is keeping some strange port open…

    You can also save TCPView’s output window to a file using the “Save” icon. The output will be a standard TXT file.

    TCPView includes Tcpvcon, a command-line version with the same functionality (basically an easier-to-read Netstat with fewer options).

    Tcpvcon usage is similar to that of the built-in Windows netstat utility:

    Usage: tcpvcon [-a] [-c] [-n] [process name or PID]

    -a Show all endpoints (default is to show established TCP connections);
    -c Print output as CSV;
    -n Don’t resolve addresses;
    process Only show endpoints owned by the process specified

    With tcpvcon you cannot kill any process, only see the open ports/connections. But its default output is clearer than netstat’s. I would recommend saving the output to a text file so you’ll be able to review it easily. You can do so by running tcpvcon in a DOS box using this syntax:  tcpvcon > filename.txt

    A file called “filename.txt” will be created and you’ll have the connection info available for a later check.
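
    The same save-and-review idea, as an added example that is not part of the original post: a short Python script that reads saved `netstat -ano` output and lists the two things the post says to look for, ports open to the network and established connections to outside addresses. The sample rows are constructed (203.0.113.25 is a documentation address), the function names are hypothetical, and the INTERNAL ranges are an assumption to adjust for your own network.

```python
import ipaddress

# Constructed sample in the layout printed by `netstat -ano`; not from a real host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2104
  TCP    192.168.1.10:49712     203.0.113.25:443       ESTABLISHED     4321
  TCP    192.168.1.10:49713     192.168.1.20:445       ESTABLISHED     4
  TCP    [::]:3389              [::]:0                 LISTENING       1120
  UDP    0.0.0.0:5353           *:*                                    2104
"""

# Assumed definition of "inside": loopback, RFC 1918, link-local, IPv6 ULA.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def split_endpoint(text):
    """Split 'addr:port' (IPv6 in brackets) into (ip_address or None, port)."""
    host, _, port = text.rpartition(":")
    try:
        return ipaddress.ip_address(host.strip("[]").split("%")[0]), port
    except ValueError:                      # '*:*' on UDP rows has no peer
        return None, port

def parse(text):  # yields (proto, local, remote, state, pid) per TCP/UDP row
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            yield tuple(f)
        elif len(f) == 4 and f[0] == "UDP":  # UDP rows have no State column
            yield f[0], f[1], f[2], "", f[3]

def review(text):
    """Return (listeners reachable off-host, established links to outside IPs)."""
    listeners, outbound = [], []
    for proto, local, remote, state, pid in parse(text):
        lip, lport = split_endpoint(local)
        rip, rport = split_endpoint(remote)
        if state == "LISTENING" or proto == "UDP":
            if lip is not None and not lip.is_loopback:
                listeners.append((proto, str(lip), int(lport), int(pid)))
        elif state == "ESTABLISHED" and rip is not None:
            if not any(rip in net for net in INTERNAL):
                outbound.append((str(rip), int(rport), int(pid)))
    return listeners, outbound

if __name__ == "__main__":
    print(*review(SAMPLE), sep="\n")
```

    Each PID in the result can then be looked up in TCPView or Task Manager to decide whether the owning process is expected.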

  • Tutorial: troubleshoot and improve Boot Time in Ubuntu Linux with Bootchart

    When you install a fresh copy of any operating system, the boot phase is generally good, mostly because there isn’t any software installed apart from what is provided with the OS installation itself. But when you start using your computer you will install other software, start playing with and tweaking the OS, and you will see longer boot times.

    How do you know if there is anything wrong with your boot time?

    The first thing to understand is that if you’ve installed any program that does something at startup, you will have to accept longer boot times, no matter what. But sometimes it’s just badly written software, or it is only after an update that you notice that something is wrong.

    In order to understand whether your system has an issue or not, you will probably need help. And Ubuntu can help you out very well if you install the application Bootchart.

    Open the Ubuntu Software Center or the Synaptic Package Manager and search for “bootchart” (or just type sudo apt-get install bootchart in the terminal window); you will be able to install this very useful piece of software. Obviously you will have to reboot your machine so that the logs are captured.

    Bootchart is a utility that compiles all the relevant logs while the machine is booting and renders them in a Gantt chart. It has been developed in Java and is basically a script that reads all the info gathered by the bootchartd (boot logger) daemon (which is launched by the kernel).

    The result is an image showing the boot time on the horizontal axis and all the various processes started during boot on the vertical axis. Please note that you will be able to see dependencies (if a process has launched another one) and different colors to indicate CPU/Disk usage.

    Here you have an example boot chart image:

    Test Bootchart Image

    The logs captured and the images generated are saved by default under /var/log/bootchart/

    A good thing to do is to take a snapshot of your system right after it has been installed, and then take snapshots on a regular basis to see whether boot time has increased and which processes have caused this. Another good time to check your boot time is before adding new hardware or making an important change to your system. By having a snapshot before and after the change you will easily be able to identify any problem and its root cause.

    On the Ubuntu Wiki site you can see other users’ boot charts, which can be interesting to compare with yours, and you can even upload your own.

    It’s important to remember that once you’ve done your tests, it’s advisable to remove Bootchart from your system, otherwise:

    1. Your /var/log/bootchart/ folder will be filled with Boot charts at every boot.
    2. Your boot will be slightly slower as it has to collect the logs and compile the graph.

    You can obviously remove it from the Software Center or Synaptic or by running sudo apt-get remove bootchart from a terminal console. Please remember to save all the logs you may need and leave the folder /var/log/bootchart clean and tidy!