Some Notes on the Machines

Model:

(Get-CimInstance -ClassName Win32_ComputerSystem).Model

Part number (if present; may be in one, the other, or both locations):

(Get-CimInstance -ClassName Win32_ComputerSystem).SystemSKUNumber
(((Get-CimInstance -ClassName Win32_ComputerSystem).OEMStringArray)[1] -split " ",3)[2]

Serial number:

(Get-CimInstance -ClassName Win32_BIOS).SerialNumber

All:

(Get-CimInstance -ClassName Win32_ComputerSystem).Model
(Get-CimInstance -ClassName Win32_ComputerSystem).SystemSKUNumber
(((Get-CimInstance -ClassName Win32_ComputerSystem).OEMStringArray)[1] -split " ",3)[2]
(Get-CimInstance -ClassName Win32_BIOS).SerialNumber

Well, it rocked my little world. This came from the excellent Terry Powell. He had a Server 2016 machine where Explorer would crash and restart every time Devices and Printers was opened. A very large number of common fixes was tried, including four different DISM methods with SFC and others, no change, DISM said the image was fixable but nothing would fix, and the only thing clearly missing according to DISM and SFC logs was a .lnk file. Terry found a reference stating that if one clears everything here except “(Default)”:

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Devices

and then restarts the printer spooler, all begins working well. And indeed, it appears that this is space in which bad gunk can build up! He found about 100 there, removed them, and lo and behold, all is well. Powershell code to do this:

function Remove-AllItemProperties
{
    [CmdletBinding()]
    param([string]$Path)

    Remove-ItemProperty -Name * @PSBoundParameters
}

Remove-AllItemProperties "HKCU:\SOFTWARE\microsoft\windows nt\currentversion\devices"

Stop-Service Spooler
Start-Service Spooler

If (when) anyone gets a bad actor email, i.e., a “phishing” scam trying to produce misdirection of funds and/or identity theft, those emails should be sent here:

reportphishing@apwg.com

and if it was sent from or arrived into a Microsoft mailbox, also here:

phish@office365.microsoft.com

Here are two ways:

1. If IPS is in use, set it to Fast Scan. This is in Policy Manager —> Subscription Services —> Intrusion Prevention Service..
2. By default, internal certificates are not updated. If they are not up to date, they can cause slowdowns. This is in Policy Manager —> Setup —> Certificates —> Trusted CA Certificates.

Try this:

netdom query fsmo

I live in a rather congested wifi neighborhood, there are strong active wifi signals in every house in front and back and next door etcetera. Our wireless routers have all sat next to the exterior wall through which the Cox coax comes through, and for about ten years, through three different wireless router upgrades, I relied on an aluminum flashing sheet placed between the wall and the wireless router, to keep everything as good as possible. Just one room away, line-of-sight through a double doorway without doors, I’d get 3-4 bars only without that sheet. This occurred even though I would check and usually change wifi channels every 3-6 months! The wireless-only Roku is in that room next door, so problems are easy to spot.

Anyway, about a year and a half ago it was wireless-router-buying time again (it has been historically a matter of frustration factor…), and I bought one of these off of eBay:



Initially it was simply a nice, reasonably well-behaved, one-notch improvement over the previous, like all of my previous upgrades. It’s recommendable, but not the purpose of this article. I got four solid bars to the next room over despite the neighborhood, using the flashing, which is what I expected. Still only 2-3 to the bedroom to my sweet wife’s tablet, and worse upstairs. And then I remembered something. Some years before I had bought this pair:



which are standard +9 Dbi wifi antennas, for $20. I had bought them and then realized my router of the time did not have removables. They fit this one. I bought one more, a +12 DBi, to make it three. The originals were the usual stubbies about six inches long, these are more like fourteen.

Five bars in line of sight. Four bars steady everywhere else in the house, including upstairs, and just outside. No flashing anymore. And I haven’t had cause to check wifi environment at all since the better antennas went in.

Wifi devices that have removable antennas, use a very standard connector for those antennas. There are rare exceptions, but the standard is very widespread, especially for indoor models. I will not be buying wireless routers without removable antennas ever again if I have any say in it, and we’ll see if I ever need to replace these antennas!

In Windows Server 2012 R1/2, 2008 R1/2, 7, Vista, and 2003 SP2 and later, whenever time is out of sync, it’s good to run the following two commands in an administrative command prompt (an ordinary command prompt for 2003SP2+):

w32tm /config "/manualpeerlist:north-america.pool.ntp.org 0.north-america.pool.ntp.org 1.north-america.pool.ntp.org 2.north-america.pool.ntp.org" /syncfromflags:MANUAL /update 
w32tm /resync

If the service has not been registered, the whole canole is:

w32tm /register
net start w32time
w32tm /config "/manualpeerlist:north-america.pool.ntp.org 0.north-america.pool.ntp.org 1.north-america.pool.ntp.org 2.north-america.pool.ntp.org" /syncfromflags:MANUAL /update 
w32tm /resync

Under Windows 2000, we need to go a bit more archaic:

net time /setsntp:north-america.pool.ntp.org
net time /querysntp

Two addenda:

• We used to recommend just pool.ntp.org , but geoblocking has become quite common, so a more geographically appropriate setup is now the rule.
• Do the above for domain controllers, standalone PCs, and mobile laptops. Add the domain controller’s IP to “Time Server” in DHCP, to reach desktops.

This tool, is how to make sure your firewall is set up correctly to allow StorageCraft cloud services:

https://support.storagecraft.com/s/article/StorageCraft-Cloud-Services-port-checking-utility?language=en_US

There are QoS settings which can be made within Windows! They work with desktop and server OSes, to set priorities on either network traffic of specific binaries, or by port and type. If you see programs or services stopping unexpectedly, stuttering, et cetera, this is good to try. Here is a basic guide in PDF:

http://notes.ponderworthy.com/file_download/12/Basic_PC_QoS.pdf

The steps:

1. Load up MMC.EXE.
2. Open the File menu
3. Choose Add/Remove Snap-In.
4. Click Group Policy Object Editor on the left.
5. Click Add.
6. Click Finish.
7. Click OK.
8. Open up Local Computer Policy, Computer Configuration, Windows Settings, Policy-based QoS. You’ll see the following, with the policy list being blank if you haven’t done this yet.

9. Right-click on Policy-based QoS, and choose Create new policy. Set a name, and then set the DSCP value:

The DSCP value is the priority level for the policy. The range is zero through 63. Here is one common DSCP value set:

0 …………………..General Traffic, unprioritized
10 …………………Backups, file transfers, non-business applications
25 …………………Mission-critical data, including SQL, video streaming
34 …………………Video conferencing
46 …………………VoIP

Another set, not quite the same, standardized within the WMM wifi standard:

8-23 ………………Background (BK)
24-31, 0-7 ………Best effort (BE)
32-47 …………….Video (VI)
48-63 …………….Voice (VO)

The above are far from a coherent standard everywhere; one can even find lists which peak at 30. For my needs within PCs, I have been setting my critical apps at 31, important apps at 24, and not bothering with anything else. And it is needful to be conservative. If you QoS some things too high, Windows won’t be able to do background things which keep it running…like, say, the Windows desktop ☺

10. At this point you need to decide on the type of QoS policy you are creating. You create them to work by TCP/UDP port for all applications, for application binaries of specific names, and for HTTP/HTTPS URLs.

11. You may now choose IP address(es) to which the policy applies.

12. And then TCP and/or UDP ports to which the policy applies. Default is TCP only.

And now you’re done with that policy, and you can create as many more as desired.

If you get PsTools, and do this:

psexec -i -s CMD.exe

you’ll get another CMD box, where the username is SYSTEM, that is to say, the hostname of the machine with a dollar sign on the right end. If the machine is on a domain, it is DOMAIN\hostname$, have not tested it on a non-domain machine yet.

One software installer recently, required that the folder containing its installer package be TAKEOWNed and ICACLSed, as that system user, before it would run to completion, it must have some odd permissions bug in it.

There are likely to be quite a few circumstances in which this special CMD can be useful.