Any service that uses the HTTP API in Windows will effectively be handled by the SYSTEM process, so you cannot just look up the process with netstat -ano and kill it. To view the webservices runing inside the SYSTEM process run the following command
Continue readingCategory: Windows
EventLog Application / Event-ID 1000 EXCEL.EXE mso20win32client.dll 0xc0000005
Log Name Application Event-ID 1000 Level Error Application EXCEL.EXE Message Faulting application name: EXCEL.EXE, Version: 16.0.4978.1000,Faulting module name: mso20win32client.dll, Version: 16.0.4954.1000,Exception code: 0xc0000005Fault offset: 0x0000f496Faulting application path: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXEFaulting module path: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso20win32client.dll Message (German) Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 16.0.4978.1000, Name des fehlerhaften
Continue readingFind services running inside svchost.exe
Find services running inside svchost.exe via cmd.exe tasklist /svc | findstr “svchost.exe”
Continue readingMicrosoft-Windows-Hyper-V-VMMS/Admin, Event-ID 15268
Log Name Microsoft-Windows-Hyper-V-VMMS/Admin Source Hyper-V-VMMS Event-ID 15268 Level Error User SYSTEM Task Category None Message Failed to get the disk information. Check if an *.iso-File is mounted on a virtual dvd drive (with powershell) If so, unmount them and check if the error persists.
Continue readingEnable LDAP-Diagnose (Domain Controller / Active Directory)
Set registry value Set registry value via powershell Check LDAP-Events Open Event-Viewer and browse to “Applications and Services Logs” –> “Directory Service”. There you can find the LDAP-Events. You can filter for Event-ID “2889” to only get the necessary entries. Check LDAP-Events with powershell Disable LDAP-Diagnose with powershell
Continue readingSystem, Event-ID 1102, SNMP
Log Name System Source SNMP Event-ID 1102 Level Warning User N/A Task Category None Message The SNMP Service is ignoring extension agent dll C:\Program Files\QLogic Cosporation\SNMP\qlaspmgnt.dll because it is missing or misconfigured. The path “C:\Program Files\\QLogic Cosporation\SNMP\” does not exist. It should be ” C:\Program Files\QLogic Corporation\SNMP\”. Edit path in
Continue readingAlt Gr randomly stops working
Sometimes I had the problem on Windows 7 and Windows 10 that the Alt Gr Key wasn’t working. The problem often arises if you are connected to another computer over the remote desktop protocol. Solution To solve the problem I just had to press the following key combination:
Continue readingPowershell: Chocolatey package manager
Install Chocolatey Install Package with choco Upgrade Package using choco Uninstall Package using choco Install-Script Code
Continue readingWSL: kali-linux – Install Desktop-Environment
Start kali-linux Run apt-get update Download Script and install it If the script is not available, create it Add the following lines Start xrdp Access Desktop-Environment via mstsc Stop xrdp when finished
Continue readingWindows Subsystem for Linux (WSL)
Enable via Powershell Set Default Linux-Distribution (if you have installed multiple distros) List current installed distributions Install new distribution Browse the following URL:https://aka.ms/wslstoreYou will be redirected to the Windows Store App. Select desired distro and install it. List currently running distributions Terminate Linux-Distribution Run WSL-Command (Linux Commands) from cmd Change
Continue reading