Blog: Windows 7

Have you noticed how Windows Explorer sorts files with numbers in their name not how you would expect?  If you have items named IE4, IE401, IE5, you would expect them to be listed like this:
IE4
IE401
IE5

Instead, they are listed like this:
IE4
IE5
IE401

This is a little strange, since this sort order is used nowhere else by default.  Windows lists the entries in this order because the number 401 is larger that 5.  I got tired of this, so I finally did some searching and found an old Microsoft Knowledge Base article from 2007, http://support.microsoft.com/kb/319827, which still works on Windows 7.  You just create this registry entry: [more]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoStrCmpLogical"=dword:00000001

P.S.  There is -v option to the ls program on most UNIX type systems to sort directory output like this.  The v is for version - to list files with version numbers in order.

After installing the 2482017 and/or 2467023 Microsoft patches you will be unable to connect from the VMware View Connection Server if your View Client  has a build number lower than 353760.  Connection attempts to the VMware View Connection Server will fail.  To fix this problem you can either uninstall the Microsoft patches or upgrade your View Client to a newer version. [more]

Click here to download the VMware View Client patch.

Click here to read the VMware knowledge base article concerning this issue.

Sometime back while I was out of the office, my system crashed with a blue screen message about a hard drive failure.   Fortunately, I was able to restart and save any essential files that weren't already backed up.  When I got back to the office I ran SpinRite on the hard drive, it didn't find any problems, and I have yet to have another crash.

But recently I launched a program which I had running during the crash.  The program appeared in the task bar but nothing happened.  When I clicked on the task bar icon it expanded to show a program instance, but nothing happened. When I right clicked on the task bar icon, it expanded to show the program, "Pin the program to the taskbar" and "Close Window."  I clicked on the program and got an error saying the program could not access a needed file and the program was terminating.  I tried several times to get the program to run and each time I couldn't see the program and eventually getting the same error.  I tried several fixes such as renaming the offending file, deleting the file, etc., but nothing worked.  Finally I restored to a virtual machine where I was able to run the application and finish my work.

Back in the office, I asked a coworker for some help to get a fresh pair of eyes on the problem.  I showed him what was happening and I was able to reproduced the error.  He sat for a moment and then said, "I wonder if it is running off the screen."  He right clicked on the task bar icon looking for the "Move" option and it wasn't there.  (In Windows7, you have to let the task bar item expand and them right click on the instance you desire in order to see the familiar options of "Restore, Move, Size, Minimize, Maximize and Close.") [more]

Once he selected "Move" he was able to move the application window (using the arrow keys) back onto the screen so it could be viewed.

I then realized I was getting the access error, because when I right clicked on the task bar and then left clicked on the program, it was attempting to launch a second instance of the program.  It couldn't do it because the program was already running and had locked the needed files.

"Moving" windows back on the screen is often required when you work with multiple monitors and then switch to work on only one monitor.  In this Gotcha, I hadn't been working on multiple monitors, but the crash must have mixed up the window location.  "Move" fixed the problem.  If you can see an application icon on the task bar, but not on the screen, assume it is running and you need to "Move" it onto the screen.

When I am away from the office I often set Outlook to “Work Offline.”  This allows me to have Outlook open for access to the cached information and it doesn’t try to connect and update all the folders whenever I establish a VPN back to the office.

At some point, Outlook started resorting to Work Offline every time it started.  This was troublesome as I might go for hours at a time not realizing I was Working Offline and as a result, not receiving email messages.  Before this problem, Outlook would start in whatever state (Connected or Work Offline) it was in whenever it was shut down.

In researching the problem I found many references to this problem which go all the way back to Outlook 2003. [more]

Microsoft’s solution is to create a new Outlook profile, as the existing profile has somehow become corrupted.  I really wanted to find a “cause and effect” fix, but never did.  So ultimately, I created a new profile and the problem is solved.  It seems as though this is a work around rather than a solution, but I am now Online.

To create a new Outlook profile go to Mail (32 bit) in the Control Panel (Windows 7).

• Click on the Show Profiles button under Profiles.
• Click on the Add button.
• Give the new profile a different name from your existing profile.
• Follow the instructions and Outlook will connect to the Exchange server and automatically create a new profile.
• With a new profile, you can now have Outlook prompt you regarding which profile you want to use when Outlook starts.  You can also specify one of the profiles for Outlook to use automatically.
• If you specify a profile, be sure you specify the new one you just created.  This will ensure Outlook will start up and look for a connection to the Exchange server rather than ignore the Exchange server and Work Offline.

Windows 2008 terminal servers handle user profiles slightly differently than Windows 2003. 

1. Windows 2008 (and Windows 7) profiles use a different format from previous versions.  You will notice in the roaming profile folder that you get a new folder with a .v2 extension; this is to prevent the new format from being applied to older OS’s.  Essentially, the user has two different roaming profiles; one for older OS’s and one for Windows 2008 (and Windows 7).  (\\servername\profile_share\username\tsprofile for older machines, \\servername\profile_share\username\tsprofile.v2 for Windows 2008 terminal servers)
2. They finally manage to delete the user profile when the user logs off.  I’ve noticed two issues related to this.
   • The Users folder (formerly Documents and Settings) starts having multiple folders with the users name.  wcbtest, wcbtest.datacenter, wcb.datacenter.001, wcb.datacenter.002, etc.  The event log shows an error when trying to delete the profile folder, saying that it is not empty.  I have not looked in-depth yet; there may be a solution to this.
   • If you want to run the group policy results wizard, you have to do it while the user is logged in.
3. If the roaming profile location is unavailable, the user gets a temporary profile every time.  On Windows 2003, you would get an error saying the roaming profile location could not be contacted (if I remember correctly), but the local profile would be normal.

A while back I tried to use nbtstat on my 64bit Windows 7 machine and it seemed to not be installed.  Well, I did some more research into this.  After a while I figured out that if I launched a command prompt using the usual shortcut I had been using, nbtstat would not be found.  But if I launched cmd.exe from the start menu, it could be found.  When listing the contents of the system32 directory the files were different when depending how I launched the command line.

Here is a single screen shot of two command prompts.  The directory commands were executed within seconds of each other.  The top command prompt can see nbtstat.exe, but it cannot see audiodev.dll.  The bottom command prompt cannot see nbtstat.exe, but can see audiodev.dll. [more]

Looking at these closely, did you notice that the times on the files displayed on both command prompts were different?

The gotcha here is how Windows handles launching 32 bit programs on a 64 bit system.  Many of us have probably noticed the “Program Files” directory is for 64 bit programs and the “Program Files (x86)” directory is for the 32 bit programs.  The system32 directory is for 64 bit programs and DLLs and there is a sysWOW64 directory for the 32 bit system32 files.  But instead of the operating system just activating the correct DLL when a program needs it, it does some sneaky root kit like work.  Here is what is really going on: 

When running a 32 bit program, the sysWOW64 directory looks like the system32 directory so no matter what the program does, it cannot try to load a 64 bit DLL.  Or it cannot even load a 64 bit executable.  I was launching the command prompt by using a shortcut.  But I was launching it from a 32 bit program launcher.  A 32 bit program can launch a 64 bit program if it can find it.  But when my 32 bit program launcher went looking for cmd.exe in the system32 directory, it actually found the 32 bit cmd.exe in the sysWOW64 directory and just didn’t know it.  So Windows 7 does not come with a 32 bit nbtstat, only the 64 bit version.  So that is why I could not find nbtstat.

While Bitlocker is encrypting your drive, the program automatically locks your entire drive except for 6GB. This is normally not a problem, but can be an issue if you are doing significant copying to the disk being encrypted. The following verbiage from a TechNet article describes this “feature” and describes how to temporarily pause the encryption in case you need to do work that requires more than 6GB on the disk. [more]

Why does it appear that most of the free space in my drive is used when BitLocker is converting the drive?

BitLocker cannot ignore free space when the drive is being encrypted because unallocated disk space commonly contains data remnants. However, it is not efficient to encrypt free space on a drive. To solve this problem, BitLocker first creates a large placeholder file that takes most of the available disk space and then writes cryptographic material to disk sectors that belong to the placeholder file. During this process, BitLocker leaves 6 GB of available space for short-term system needs. All other space, including the 6 GB of free space not occupied by the placeholder file, is encrypted. When encryption of the drive is paused or completed, the placeholder file is deleted and the amount of available free space reverts to normal. A placeholder file is used only on drives formatted by using the NTFS or exFAT file system.

If you want to reclaim this free space before encryption of the drive has completed, you can use the Manage-bde command-line tool to pause encryption. To do this, open an elevated command prompt and type the following command, replacing driveletter with the letter of the drive you want to pause encryption on:

manage-bde –pause driveletter :

When you are ready to start encrypting the drive again, type the following command:

Manage-bde –resume driveletter :

I run a Windows 7 virtual machine when I need to connect to customer sites.  From this VM I frequently create an RDP session on a customer server then run the vSphere client to connect to the console of multiple VM's.  I ran into a problem where the vSphere client would "capture" my mouse/keyboard in the console session.  Normally you would press Ctrl-Alt to release the mouse, but unfortunately when running from a desktop VM, this releases for the VM and not the connected RDP session.  The only way to get out of this is to force logoff of your RDP session from different session.

My workaround was to create a new key combination through VMware Fusion to send Ctrl-Alt to the VM.  I believe this same technique will work for VMware Workstation also.

One of our IT consulting customers using a Windows 7 laptop was experiencing a problem with access mapped drives while connected to their company using VPN.

Doing some research I found that Windows 7 and Vista both have what's called "slow link mode".  The behavior is that if the latency of the network connection exceeds 80 milliseconds (ms), the system will transition the files to "offline mode".  The 80 ms value is configurable using a local group policy edit.

1. Open Group policy (start -> run -> gpedit.msc)
2. Expand "Computer Configuration"
3. Expand "Administrative Templates"
4. Expand "Network"
5. Click on "Offline Files"
6. Locate "Configure slow-link mode"
7. This policy can either be disabled or set to a higher value for slower connections.

Note – The "Configure Slow link speed" value is for Windows XP Professional. [more]

Additionally, there is a registry value that can be added that can force auto reconnection...

When a server has been unavailable (offline mode) and then becomes available again for connection, Offline Files Client Side Caching tries to transition that server to online mode if all the following conditions are true:

• There are no offline changes for that server on the local computer.
• There are no open file handles for that server on the local computer.
• The server is accessed over a "fast" link.

You can adjust the definition of "slow" and "fast" by using the SlowLinkSpeed Offline Files policy. With this, you can configure Offline Files Client Side Caching to ignore these conditions and transition the server to online mode regardless of whether these conditions exist. To do this, follow these steps:

1. Click Start, click Run, type REGEDIT, and then click OK.
2. Locate and click the following registry subkey:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\NetCache
3. Click Edit, point to New, and then click DWORD Value.
4. Type SilentForcedAutoReconnect, and then press ENTER to name the value.
5. Double-click SilentForcedAutoReconnect.
6. In the Value data box, type 1, and then click OK.

Finally, here is a link to a Microsoft TechNet article explaining how Vista/7 handles offline files.  At the bottom of the article is a procedure for disabling offline files completely using a Group Policy Object.  http://technet.microsoft.com/en-us/library/cc749449%28WS.10%29.aspx