Compiled by: Todd Johnstone Before starting these steps, open a Word document, save it in documents in a folder called computing problems and use that document to capture items that show as bad as you go through this tutorial. Give it a filename with the date you collect the data 080916 for example. Windows 10 customized items and troubleshooting. Taskbar and start menu properties. o Right click on task bar at bottom of screen o Select properties o On the taskbar and start menu properties Choose task bar location (Taskbar tab) Navigation tab (Click on corner navigation) Windows key + X or right click on lower left corner brings up power shell Tool Bars remove unused toolbars as needed. Sample of Power Shell Options: Page 1
Power Shell gives quick access to: Programs and features was old uninstall software option Event Viewer very useful to check on health of machine Control Panel Control all options as needed Search (only place to find it sometimes) Computer Management o Performance Open resource monitor to see what is happening to slow computer. o Click on cpu to rank processes in order of cpu % Use Task Manager Boot time log, Admin events, system problems Events and Errors Message Center http://www.microsoft.com/technet/support/ee/ee_advanced.aspx Each time the machine is booted a log is kept and evaluated, here is a horrible boot (mine) Log Name: Microsoft-Windows-Diagnostics-Performance/Operational Source: Microsoft-Windows-Diagnostics-Performance Date: 8/9/2016 5:20:05 PM Event ID: 100 Task Category: Boot Performance Monitoring Level: Critical Keywords: Event Log User: LOCAL SERVICE Computer: Deneb-3 Page 2
Description: Windows has started up: Boot Duration : 157191ms Note: 157 seconds! IsDegradation : false Incident Time (UTC) : 2016-08-10T00:14:53.859737100Z Windows slow issues: There is a windows 10 process that uses a lot of cpu for no good reason: Runtime Broker it s designed to give you continuous hints and suggestions in windows 10 as you work. Try turning all the useless notifications off and see if speed improves, and if you miss any of the services. Settings->System->Notifications and actions->>>>> Unselect Show me tips about windows 10 All of these are set to on as a default. Page 3
How do I know if I m connected to the internet if the browser doesn t seem to work? Click on lower left corner (or windows x power shell) Type RUN Open CMD A black dos command window will open, type the following: ping google.com To EXIT a cmd window type Exit, To stop an activity type (CTL) C. This will tell you if you get a ping reply from google, and how fast, under 100MS is fast. Any lost packets are a problem, as is an inability to find google.com Many viruses redirect the DNS (Domain name server) to a spoof one. Above see that google.com was correctly identified as ip address [216.58.193.110] and using that 4 pings were sent out and replies were received. In other words. If you can ping google, you can communicate on the internet. Page 4
Domain Name Service (DNS) Domain name service is the internet directory to look up addresses. DNS servers take a (URL) Name like google.com and look up the real IP internet address. Use of IP addresses and domain names to Ping or trace route are excellent ways to see if your problem is network related. http://dnsquery.org has many tools that can be used for network troubleshooting. Network Tools Tools that can be run from command line Example: run=> cmd => ping google.com ipconfig This tool returns the IP address of your machine, on your local network, also returns the gateway used to access the internet and the DNS servers being used. (full is ipconfig /all which shows all adapters on the machine) NSLOOKUP will look up the domain, or if given the Domain will look up the IP address of that domain. Example: nslookup google.com Page 5
Ping Ping sends a message to an ip address or domain with a small amount of data, the end hardware then reply s. The time to go to and from the end machine/router is measured. Also percent loss if measured to see if all pings were returned. The ping confirms a network connection between your machine and google. With no lost messages. Trace Route - tracert This is a really fun tool which traces the route across the internet that your ping follows. It will also show if there are portions of that path which are slow or non-responsive. Tracert google.com Page 6
Following the trace route the first hop is inside the house to the amped router within the house, then to the gateway within the DSL box supplied by the phone co. (Hop 2) After that we go to major phone company backbone routers in Tukwilla, seattle, and various other locations, the longest delay is hop 6 which is a qwest.net router. http://dnsquery.org can be used to check who owns the IP addresses in this trace. The final address is owned by Google: Local Area Network (inside your house) Since nearly everything connected to the internet will respond to a ping a broadcast ping can be sent to cause all devices to respond. Looking at ipconfig it showed my gateway to be 192.168.1.1, substituting.255 for the.1 will cause everyone to respond: Ping 192.168.1.255 Page 7
However we don t really see them respond unless we check a table within the computer called the ARP table (address resolution protocol) which is where the computer listens to all the network traffic, and takes note of what it hears so it can more quickly find devices (like your printer). (IP addresses need to be converted to physical addresses called : MAC addresses ) Arp a will show the arp table. Everything that responded will be in the arp table: An interesting thing about MAC addresses is that it tells what the device is, and who made it. This tool will help look up a vendor for an address: https://www.wireshark.org/tools/oui-lookup.html Put in the first 3 sets of number c0-56-27- for example which comes back to Belkin - F8-7b-8c ---- traces to F8:7B:8C Amped Wireless which is the manufacturer of my router and 8 port switch. ------00:80:77 Brother industries, LTD. Which is my printer. Page 8
Lastly what is my computer taking to right now? Netstat -a This provides much more information than can easily be digested, however, if looking for spyware and other connections it can be helpful: It will keep telling you what is communicating until you close the command window. Open your browser and go to google.com and you can see the connections being established. Page 9
Anti-virus and Anti-Malware Windows 10 has windows defender which should be all you need, with a functioning windows firewall. Check on the status of your protection and update status by going to Settings => Update & Security => Windows Defender Clear up Malware infections If your computer is infected and you need to remove a virus: Malwarebytes.com is excellent and the paid version gives real time protection. Also check out Malwarebytes Anti-exploit Freeantivirus.com/us/ Trend Micro House Call : one time scan from trend micro http://housecall.trendmicro.com/ Trend Micro Antivirus: http://free.antivirus.com/us/ Comodo for windows 10: https://antivirus.comodo.com/antivirus-for-windows-10/ Page 10