3) Windows OS & PC Security Issues Flashcards
Windows Symptoms: Slow Performance
Task Manager > Check for high CPU usage
Windows Update (latest patches/drivers)
Check for available space & defrag
Laptop (Power saving mode?)
Run anti-virus/anti-malware (especially if unrecognized processes running)
Windows Symptoms: Limited Connectivity
Yellow triangle over network icon (or in network status)
Local:
Check physical connection, check WAP connection
Check IP configuration
Reboot
External:
Wireless router rebooted/turned off
Ping default gateway & external IP
Windows Symptoms: Failure to Boot
asdf
Windows Symptoms: No OS Found
Check boot drives (remove any media)
Startup repair (can look at every step along boot process)
Modify Windows Boot Config Database (BCD)
Formerly boot.ini
Recovery Console: bootrec /rebuildbcd
Missing NTLDR (boot loader is missing)
Run startup repair or replace manually & reboot
Windows Symptoms: App Crashes
Check event log
Check reliability monitor (history of app problems)
Checks for resolutions
Windows Symptoms: BSoD
Bad hardware, bad drivers, bad application
Newer BSoD may give some details
Use last known good config, system restore, rollback driver (also try safe mode)
Reseat/remove hardware
Run hardware diagnostics (by manufacturer)
Windows Symptoms: Black Screens
Driver corruption, OS system file corruption
Video Driver - Start in VGA mode - F8 for startup options
Or update driver in safe mode (known good source)
Run SFC (run from recovery console)
Repair/refresh or recover from backup
Windows Symptoms: Printing Issues
Print or scan a test page (built into Windows)
Different from application printing
Use diagnostic tools
Web-based, vendor specific, generic
Clear the print queue or clear specific print job
Restart print spooler
Windows Symptoms: Services fail to start
"One or more services failed to start"
Bad/incorrect driver, bad hardware
Try starting manually
Check account permissions
Confirm service dependencies
If Windows service, check system files
If application service, reinstall application
Open Windows Services
Windows Symptoms: Slow Bootup
Boot process hangs or takes longer than usual
No activity, no drive lights
Manage startup apps
Win10: Task Manager | Earlier: msconfig
Or disable everything, load them back one at a time.
Windows Symptoms: Slow Profile Load
Roaming user profile
Desktop follows you to any computer
Network latency to domain controller
Slows login scripts, slow to apply policies
Client picks a remote domain controller instead of local
Windows Solutions: Defragment HDD
Moves file fragments so they are contiguous
Sharing a common border (in order)
Improves read/write speeds
Cmd: defrag
May be in weekly schedule (task scheduler)
Windows Solutions: Reboot
Why it works:
Bug in router software (reset router)
App using too many resources (stops the app)
Memory leak slowly consumes available RAM
(Clears RAM & starts again)
Windows Solutions: Kill Tasks
Sometimes you can locate the problem process via task manager and kill it.
Sort by resource (CPU/Memory/Network/Disk)
Windows Solutions: Restart Services
Services - apps running in background
Same types of problems as interactive apps
Task Manager/Services: Start/Stop/Restart/Pause/Resume
Windows Solutions: Update Network Settings
One config mismatch can cause significant slowdowns
Speed/duplex settings need to match
Most auto negotiations work fine (until they don’t)
Certain configs may need manual speed/duplex settings
Driver may not show negotiated value
Windows Solutions: Reimage/reload OS
Windows is huge/complex
Spend time finding the needle, or just build a new haystack
Many organizations have pre-built images
(May be best not to research issues)
Win 8/10 includes reset option
Settings > Update/Security > Recovery
Windows Solutions: Roll Back Updates
Restore Points (rewind to previous config)
Restore point can be created automatically with application installations.
Windows Solutions: Roll Back Devices/Drivers
Device drivers can break Windows
Device Manager > Roll Back Driver
Windows Solutions: Apply Updates
Windows Update
Centralized OS & Driver Updates
Flexibility: Change active hours | Auto/Manual
Applications must be patched
Security issues don’t stop at the OS
Download from publisher
Windows Solutions: Repair Application
Some applications have a repair option.
Or you can uninstall/reinstall
Windows Solutions: Disable Startup Services/Apps
Trial & Error
Disable all, begin adding them back
Or disable one at a time
May take many restarts
Windows Solutions: Safe Boot
Safe Mode - F8 on boot
Advanced Boot Options > Enable Safe Mode
Or interrupt boot process 3 times
If this doesn’t work, Windows is in Fast Startup
Fast Startup: Shutdown = Hibernate
Msconfig to turn off
Networking, Command Prompt, VGA Mode options
Windows Solutions: Rebuild Windows Profiles
“User profile service failed the logon”
“User profile cannot be loaded”
“User documents may be missing”
Log in with admin rights
Rename existing user folder, backup user registry
HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList > Right Click > Export
Delete registry entry (you have backup)
Restart
Log in with the user account
Profile will be rebuilt
Will recreate \users\name folder
Log in as admin, copy over files from old profile
Only move over documents, not all files (may be corrupted)
Security Symptoms: Pop-ups
Update your browser, use the latest version
Check pop-up block feature or get extension
Scan for malware
Security Symptoms: Browser Redirection
Browser directs you to the wrong page with a search feature or home page.
Malware is intercepting search queries/results
Use anti-virus/anti-malware
To completely remove, restore to known good backup
Security Symptoms: Security Alerts
Security alerts may indicate bad certificate
Click on lock icon
Certificate may be expired or linked to wrong domain
Certificate may be invalid (authority not trusted)
Security Symptoms: Slow Performance/Internet Connectivity Issues
Can be a sign of malware.
Malware may take you where it wants.
You can’t protect yourself if you can’t download.
May block OS update function.
Malware/virus scan
Use software from another resource, or restore from backup/image.
Security Symptoms: PC/OS Lockup
Could be hardware problem, but also security issue.
Run hardware diagnostic.
Check logs when restarting.
Check Caps/Num Lock
May still be able to kill bad apps
Security Symptoms: Application Crash
Application stops working, may be malware. Check event log. Check reliability monitor. Reinstall/repair the application. Virus/malware scan.
Security Symptoms: Rogue Antivirus
A fake anti-virus/anti-malware software.
May be ransomware.
Can be very difficult to get rid of.
Security Symptoms: Spam
Unsolicited emails
Advertisements
Phishing attacks
Spread viruses
Spam filters can be helpful.
Security Symptoms: Renamed System Files/Disappearing Files
Also a sign of malware.
Scan for viruses/malware.
May need to restore to backup.
Security Symptoms: File Permission Changes/Access Denied
Malware may change file permissions, causing “access denied” errors when trying to access certain files or applications.
Security Symptoms: Hijacked Email
Infected computers can become email spammers.
May receive odd replies/emails from users.
Bounce messages from unknown emails.
Scan for malware.
Security Symptoms: System/App Log Errors
Many errors go undetected, so check logs.
Filter & research
Find security issues:
Improper logins
Unexpected app use
Failed login attempts