User:Trojan69Horsie/sandbox

Diana Wanders

STUFF

Telefonnumre til Nortons support (+45) 35 25 80 10

Åbningstider 08.00 til 17.00, mandag til fredag

Symantec Enterprise kundesupport (på engelsk): https://support.symantec.com/en_US/contact-support.html Tlf. 38 48 70 58 (ikke teknisk) og tlf. 38 48 72 39 (teknisk). Åbningstider: man-fre kl. 9.00 - 17.30.

noemail@danish.norton.com

MICROSOFT SUPPORT DANMARK Telefon: 82 33 31 00

APPLE SUPPORT https://getsupport.apple.com/GetSASO?locale=da_dk

______________________________

500 GB backup https://buy.norton.com/da-dk/mf/productDetails/MggKMzAxMjUyAw==/

SKU Norton Security Standard 21330397 Norton Security Deluxe   21351077 Norton Security Premium  21330452 Norton Utilities         21155221

22.5 links NSBU http://buy-download.norton.com/downloads/2015/22.5.4/NSBU/DK/NSBU-ESDDef-22.5.4.24-DK.exe

NS http://buy-download.norton.com/downloads/2015/22.5.4/NS/DK/NS-ESDDef-22.5.4.24-DK.exe

N360P http://buy-download.norton.com/downloads/2015/22.5.4/N360/DK/N360P-ESDDef-22.5.4.24-DK.exe

N360 http://buy-download.norton.com/downloads/2015/22.5.4/N360/DK/N360-ESDDef-22.5.4.24-DK.exe

NIS http://buy-download.norton.com/downloads/2015/22.5.4/NISNAV/DK/NIS-ESDDef-22.5.4.24-DK.exe

NAV http://buy-download.norton.com/downloads/2015/22.5.4/NISNAV/DK/NAV-ESDDef-22.5.4.24-DK.exe

_______________________________

NortonCleanup (Mac) https://symantec.box.com/s/26z8x40uc1ozvwdo0ohozc6cryckswcu

-

Dragon Notes

-- Sysinternals --

AutoRuns http://download.sysinternals.com/files/Autoruns.zip

Process Explorer http://download.sysinternals.com/files/ProcessExplorer.zip

PsKill http://download.sysinternals.com/files/PSTools.zip

Process Monitor http://download.sysinternals.com/files/ProcessMonitor.zip

DiskExt http://download.sysinternals.com/files/DiskExt.zip

DiskView http://download.sysinternals.com/files/DiskView.zip

PendMoves http://download.sysinternals.com/files/PendMoves.zip

TCPView http://download.sysinternals.com/files/TCPView.zip

- SymHelp -

SymHelp http://www.norton.com/symhelp

SymHelp MAT Drag SymHelp to Run/cmd and add: -agent -noup

-- Virtual Machines --

Create a VM from scratch http://partnerweb.vmware.com/GOSIG/home.html

Convert a computer into a VM http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx

Symantec level 2 - strictly internal ftp://10.0.0.16/storage/vmware_images/Windows/

--- Microsoft Malicious Software Removal Tool ---

Download https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx & http://go.microsoft.com/fwlink/p/?LinkId=40587

Definitions https://support.microsoft.com/en-us/help/890830/the-microsoft-windows-malicious-software-removal-tool-helps-remove-specific,-prevalent-malicious-software-from-computers-that-are-running-supported-versions-of-windows

--- Network Ports ---

List of Well-known ports http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

PacketLife - Commonly used ports http://packetlife.net/media/library/23/common-ports.pdf

--- CMD Tools ---

Ping Connects 2 devices

SYNTAX ping  or

TROUBLESHOOTING ping Pinging to a loopback IP address (any address within the 127.x.x.x series) on the computer tests whether the TCP/IP stack is working fine.

ping / This command checks whether the NIC (Network Interface Card) driver is working correctly on the customer's system. If there is no successful reply to this ping then you need to reinstall the driver.

ping 

IP Config Shows information about Network Configuration

ipconfig/? Shows all switches

ipconfig/all Shows all information of the IP configuration

ipconfig /flushdns Resets DNS client resolver cache.

Tracert Provides information about number of routers a network pack has passed through and the time taken to pass through them.

tracert print to file: tracert [IP address]  >> [Path][File Name] ex. Tracert www.symantec.com >> C:\TraceResult.txt.

Nslookup "Name Server Lookup" - queries the DNS to optain domain name or IP address mapping or any other specific DNS record.

Netstat Displays all active TCP/IP connections.

netstat -a -o -n displays all connections and ports, the process ID of the executables that initiate the connection, the address, and the port numbers. netstat -a -o -b -n displays all connections and ports, the executables that create connections, the process ID, the address, and the port numbers.

Net Use net to view, update, and troubleshoot connections.

net statistics workstation

Route Used to view the local IP routing table, add more entries in it, and modify table if necessary. Without parameters, it provides help on syntax, options and usage. More info: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/route.mspx?mfr=true

route print

ARP Address Resolution Protocol is a network layer protocol that is used to resovle an IP address into a MAC address in the local network to which the system is connected.

arp -a

More info: https://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/arp.mspx?mfr=true

Telnet Telnet is a protocol that executes a terminal emulation program. Ensure you contact your ISP if you get a failed connection response.

telnet smtp.[ispmailserver.com] [port number]

System File Checker Sfc [/Scannow] [/Scanonce] [/Scanboot] [/Revert] [/Purgecache] [/Cachesize=x]

Each switch has a different functionality as described by Microsoft in:http://support.microsoft.com/kb/310747

Task List tasklist[.exe] [/s computer] [/u domain\user [/p password]] [/fo {TABLE|LIST|CSV}] [/nh] [/fi FilterName [/fi FilterName2 [ ... ]]] [/m [ModuleName] | /svc | /v]

Each switch has a different functionality as described by Microsoft in http://technet.microsoft.com/en-us/library/bb491010.aspx

Service Control Commands

Syntax: SC [command] [service_name] [Options]

Commonly used commands: GetDisplayName 	Show the DisplayName GetKeyName 	Show the ServiceKeyName EnumDepend 	Show Dependencies qc 		Show config – Display name, dependencies, path of the service etc. Start 		START a service Stop 		STOP a service Pause 		PAUSE a service Continue 	CONTINUE a service Create 		Create a service. Config 		Permanently change the service configuration Delete		Delete a service Control 	Send a control to a service Qdescription 	Query the description of a service Description 	Change the description of a service Qfailure	Query the actions taken by a service upon failure Failure 	Change the actions taken by a service upon failure

CheckSUR Windows 8 & 10 Open cmd in elevated mode >  DISM.exe /Online /Cleanup-image /Restorehealth

Windows Vista & 7 Download the OS specific CheckSUR tool and follow the instruction in http://support.microsoft.com/kB/947821

- Norton URLs - hb.lifecycle.norton.com - To check product updates

www.norton.com - Norton Website

liveupdate.symantecliveupdate.com - Virus Definition update

shasta-rrs.symantec.com - Reputation Database

manage.norton.com - Management server for the Norton products

http://csasmain.symantec.com - Activation server

http://csasalt.symantec.com - Alternate server for activation

- Hardware Repair -

Check Disk Reasons: improper shutdown, unexpected OS crash, removing a USB device without disconnecting it, power fluctuation, and so on.

1 - Running Chkdsk through Windows Explorer Open Windows Explorer Right Click on the drive to be scanned and choose "Properties" In the Properties window, click on the tab named "Tools". Under the Error-checking section, click Check Now.

2 - Running Chkdsk through command line Chkdsk [volumepath]filename] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:size]]

	Specifies the drive letter (followed by a colon), mount point, or volume name.

[]	Use with file allocation table (FAT) and FAT32 only. Specifies the location and name of a file or set of files that you want chkdsk to check for fragmentation. 	You can use the ? and * wildcard characters to specify multiple files.

/f		Fixes errors on the disk. The disk must be locked. If chkdsk cannot lock the drive, a message appears that asks you if you want to check the drive the next time you restart the computer. /v		Displays the name of each file in every directory as the disk is checked. /r		Locates bad sectors and recovers readable information. The disk must be locked. /r includes the functionality of /f, with the additional analysis of physical disk errors. /x		Forces the volume to dismount first, if necessary. All open handles to the drive are invalidated. /x also includes the functionality of /f. /i		Use with NTFS only. Performs a less vigorous check of index entries, which reduces the amount of time required to run chkdsk. /c		Use with NTFS only. Does not check cycles within the folder structure, which reduces the amount of time required to run chkdsk. /l[:]	Use with NTFS only. Changes the log file size to the size you type. If you omit the size parameter, /l displays the current size. /b		NTFS only: Clears the list of bad clusters on the volume and rescans all allocated and free clusters for errors. /b includes the functionality of /r. Use this parameter after imaging a volume to a new hard disk drive. /?		Displays help at the command prompt.

Disk Defragmenter 1 - Run it in GUI mode Start --> Accessories --> System Tools --> Disk Defragmenter OR Start --> Run --> dfrgui.exe

2 - Command-line syntax defrag [switch]

	The drive letter or a mount point of the volume to be defragmented -a 		Analyze only -f 		Forces defragmentation of the volume - regardless of whether it needs to be defragmented or if free space is low -v		Verbose output -?		Display the help text

MBR (Master Boot Record) Check Corrupt or incorrect information in MBR is one of the common causes for Windows failing to boot successfully. MBR is the first sector on the hard drive containing the logical location of the OS MBRand the boot loader information.

Fix MBR using a command-line utility called Bootrec Note that the Bootrec command-line utility is only available in Windows RE command prompt

How to access Windows RE?

In Windows 7 and 8, you can access WinRE in three ways: 1. Boot from the Windows installation media and select Repair. 2. Use the Repair Your Computer in Windows 7 and Troubleshoot option in Windows 8 on the Advanced Boot Options (F8) menu. 3. Boot from the system repair disc, if you had created one before the issue occurred (go to Control Panel | System and Security | Backup and Restore and select Create a system repair disc).

boorec [option/switch] /FixMbr /FixBoot /ScanOs /RebuildBcd

BCDedit (Boot Configuration Data) Information of a system with a single Windows installed has two sections: The Windows Boot Manager - describes the location of bootmgr The Windows Boot Loader - describes the location of the winload.exe file

Commands that operate on a store /export 	Exports the contents of the system BCD store to a specified file. /import 	Restores the state of the system BCD store from a specified file. /createstore	Creates a new empty BCD store. Commands that operate on boot entries in a store /copy		Makes copies of boot entries. /create	Creates new boot entries. /delete	Deletes boot entries. Commands that operate on elements /deletevalue	Deletes elements from a boot entry. /set		Creates or modifies a boot entries elements Commands that control output /enum		List the boot entries in a store. Commands that control Boot Manager /bootsequence	Specifies a one-time boot sequence. /default	Specifies the default boot entry. /displayorder	Specifies the order in which Boot Manager displays its menu. /timeout	Specifies the Boot Manager timeout value. /toolsdisplayorder	Specifies the order in which Boot Manager displays the tools menu.

--- Uninstall program ---

appwiz.cpl

cmd line: msiexec /x more info: http://technet.microsoft.com/en-us/library/cc759262%28v=ws.10%29.aspx

MSI-based can be uninstalled through Microsoft Fix It http://support2.microsoft.com/mats/program_install_and_uninstall/

InstallShield-based uninstall article: http://helpnet.flexerasoftware.com/installshield19helplib/helplibrary/IHelpSetup_EXECmdLine.htm

-- Registry --

Access registry Run command (Win+R) regedit

Note: Always do backup of registry before changing anything

Command-line tool to manipulate the Windows Registry: http://technet.microsoft.com/en-in/library/cc732643.aspx

-