Tuesday, December 7, 2010
Chapter 21
21-3: Researching Notebook Service Manuals
1. I have an Acer Aspire 5720Z series.
2. This is where I found a PDF file of the manual for my notebook.
http://support.acer.com/acerpanam/manuals/acer/0000/userguides/AS_5720G_5720_Eng_OLM.pdf
3. Here are a couple sample pages from the manual:
Take apart a notebook computer:
This is the RAM.
Next up is the hard drive.
Video is MP4 format. I use RealPlayer to view it.
And still, no one knows how many licks it takes to get to the center of a notebook.
Chapter 20
20-2: Download and Use AV Software
I downloaded a free trial of AVG Anti-Virus software and installed it. I scanned the system and found no suspicious activity.
I updated the software with the latest virus signatures, set the AV software to scan daily, and set the AV software to scan incoming e-mail.
20-3: Researching Running Processes
igfxtray.exe - Grants access to the Intel Graphics configuration and diagnostic application for the chipset.
igfxpers.exe - An NVidia graphics card process that provides additional configuration options for this device.
igfxsrvc.exe - Stabilizes the running processes of the computer. Do not remove!
Csrss.exe - is responsible for console windows, creating and/or deleting threads, and implementing some portions of the 16-bit virtual MS-DOS environment.
hkcmd.exe - Process for Intel multimedia devices. Allows configuration and diagnostic options for these devices.
winlogon.exe - Winlogon is a part of the Windows Login subsystem, and is necessary for user authorization and Windows activation checks.
msiexec.exe - Used to install new programs that use Windows Installer package files (MSI).
taskhost.exe - Host for processes that run from DLLs. At startup TASKHOST checks the Services portion of the Registry to make a list of DLL-based services that it needs to load, and then loads them.
wordpad.exe - A system file that allows you to type or paste simple text.
20-4: Learning to Use Autoruns
I downloaded and ran autoruns. The startup items are the same as the ones shown in msconfig.
The only difference is the appearance. I think autoruns has a better layout.
Chapter 19
19-3: Using a Port Scanner
I downloaded Advanced Port Scanner at www.redmin.com.
These are the results of the scan, which show me how many ports are open and their purpose.
19-4: Managing User Accounts
1. I made a standard user account that does not let me access files with administrative privileges.
2. I couldn't install a program using a user account without knowing the administrator password.
3. I can create a new user account, but it will have the same limitations as the user account you create it with.
REAL PROBLEM 19-2: Recovering From a Forgotten Windows Password
I would use ophcrack because I am familiar with it from SEC-110.
Chapter 18
The Switch
We all plugged our Cat5 cables into the big switch to form a network. Then we disabled our firewalls and PINGed each other to be able to share files.
Below is the dialog box in which I put my new IP address.
And now I can see the other users on my network.
Chapter 17
17-1: Investigating Your PC
1. The NIC (Network Interface Card) is the hardware used.
2. The MAC address is: 00-E0-4D-7F-3C-38
3. The IP address of my PC is 10.20.205.107
4. The utility I used was ipconfig(space)all.
17-3: Researching Switches
1. The three switches are shown below:
2. I would use the switch with the most available ports. When choosing a switch I would keep in mind the number of computers I am going to be hooking up to the network.
3. These are the network adapters I found:
4. I would recommend the Belkin Gigabit USB 2.0 Network Adapter because of its plug-and-play capability.
5. The minimum upgrade cost including one switch and four network adapters comes to a total of $71 before tax, shipping, and handling.
Chapter 16
16-1: Digging Deeper into System File Checker
1. The parameters besides scannow are: scanboot, revert, purgecache, cachesize=X
2. The purpose of the findstr command is to exclude patterns, and lets you use regular expressions.
3. No, sfcdetails.txt can be used in the command line.
4. The edit command compares the files to their state the last time that file checker was run.
16-4: Sabotage a Windows XP System
1. I opened task manager by selecting Ctrl, Alt, Del simultaneously and chose Start Task Manager from the list.
A lot of big numbers, I know. I changed the winlogon.exe process to biteme.exe. When I rebooted I got a barrage of error messages, but changing the file name didn't actually make Windows crash.
Chapter 15
15-3: Practicing Using the Recovery Environment
1. When I executed the Startup Repair Process I found that there was no system state to restore to.
2. There wasn't a restore point.
3. I used the command prompt to open the Registry Editor using the regedit command.
4. Yes I was able to copy one of my documents from my C drive to my flash drive using the command prompt.
15-4: Using Ntbtlog.txt
Normal boot
Safe boot
Chapter 14
14-1: Researching Running Processes
I used the Task Manager to find a list of the running processes. I then booted my PC in safe mode and went to Task Manager to open the list of running processes.
Many of the host processes for Windows Service did not run in safe mode.
14-2: Monitoring Startup Items with WinPatrol
1. I typed MSconfig in the command prompt and disabled the non-Windows startup items. I then restarted my computer.
2. I downloaded WinPatrol from www.winpatrol.com.
3. I returned to MSconfig in the control panel and enabled the startup programs I had disabled in step one.
4. Yes, all of the startup programs are able to start.
14-3: Practicing Launching Programs at Startup
1. I clicked on START and chose SCHEDULED PATHS, went to ACTION, then to CREATE TASK. I chose to have notebook open when a user logs on.
2. Go from START to PROGRAMS, right click STARTUP and select OPEN. I pasted the command prompt in the STARTUP folder.
3. Both notepad and the command prompt launched when I rebooted without any errors.
4. I removed the notepad and command prompt from the list of startup programs.
14-5: Editing and Restoring the Registry
This assignment is for Vista, and we have non-authenticated versions of Windows 7, so the directions in the book don't work. Maybe, just maybe, we should have downloaded legitimate copies of Vista or XP since this book was written before Windows 7 was released.
14-6: Using the Microsoft Management Console
Click on the START button, type mmc in the run box and hit enter.
Click the ACTIONS button and select Add/Remove snap-in. I added the Device Manager and Event Viewer. Save it when you're done. This is what the shortcut icon of my console looks like on my desktop.
Sunday, December 5, 2010
Chapter 13
13-1: Using System Restore
Choose the create button on the System Protection tab of the System Properties dialog box.
1. Create a restore point by going to START, Control Panel, System and Security, System. This is what you will see.
Go to the Advanced tab on the System Properties dialog box.
Name your restore point.
This is the dialog box you will see at the completion of the creation of the restore point.
2. I changed some personal settings to test the restore point I created.
2. I increased the size of the text.
3. I changed my desktop background to this warm and fuzzy photo.
4. Now I'm ready to restore my computer to the restore point I just created.
I choose which restore point I want to use.
After I restored the system, the personal settings I had changed were no longer in effect because I went back in time, before the personal settings were assigned.
13-2: Cleaning Up Your Hard Drive
First I opened Windows Explorer and right clicked on drive C, and selected the Properties dialog box.
Press the Disk Cleanup button.
When I logged on to Windows 7 as a user as opposed to an administrator, I could only save the files that I had access to as a user. If there were stricter permissions set on the files I would have seen a greater difference.
13-4: Restoring the System State
I don't know. Windows 7 doesn't even have a System State.
Clean up drive
This is what my C drive looks like after I use the Disk Cleanup button located on the General tab of the Local Disk (C:) Properties dialog box.
Defrag the hard drive
I went to the tools tab of the Local Disk (C:) Properties dialog box and chose the Defragment Now button. This is what the screen looks like in the defragmentation process.
Check the hard drive for errors
I opened the command prompt and entered the Chkdsk command: chkdsk c:/r. I chose to Automatically fix file system errors and Scan for and attempt recovery of bad sectors, then pressed the start button.
Verify Startup Programs, use msconfig
I went to the Startup tab on the System Configuration dialog box. I barely have any startup programs that are not necessary. The textbook does not go into detail about how to verify startup programs using msconfig. The chapter says that it can be done using msconfig; however, the directions say to use the Windows Defender Software Explorer.
Backup User Data
Windows 7 allows you to choose what files you want to back up.
Manage hard drive volumes & create a new volume
I used the Disk Management tool to manage hard drive volumes. Then you right click the disk you are managing and select Initialize Disk. Use the System Volume Wizard to use your unused space to make a new volume.