Windows

From Sinfronteras
Revision as of 14:37, 7 April 2020 by Adelo Vieira (talk | contribs) (Descargar Windows)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Descargar Windows

  • El Windows Server 2016 que se descarga de este link es la Evaluation Standard Version valid for 180 days. Creo que sería lo mismo descargarlo de la página oficial de Microsoft, link que mostramos a continuación.



  • Descargar Windows Server Evaluations:



$Recycle.bin and System Volume Information folders

Estas carpetas son creadas por Windows en todas las particiones; incluyendo disco duros externos. No son virus.

Both of them are safe.

https://www.quora.com/Are-Recycle-bin-and-System-Volume-Information-folders-viruses-in-Windows-8-OS

$Recycle.bin is the folder that contains the files which you deleted on that drive. It acts as a Recycle bin folder.

Containing folders for each SID(Security ID for each User) and the Recycle bin.

About System Volume Info :

The folder contains information that casual interference could cause problems with proper system functioning. Here are some of the things kept in that folder. (This list is not comprehensive):

  • System Restore points. You can disable System Restore from the "System" control panel.
  • Distributed Link Tracking Service databases for repairing your shortcuts and linked documents.
  • Content Indexing Service databases for fast file searches. This is also the source of the cidaemon.exe process: That is the content indexer itself, busy scanning your files and building its database so you can search for them quickly. (If you created a lot of data in a short time, the content indexer service gets all excited trying to index it.). Cidaemon might be Search Indexer in windows 7.
  • Information used by the Volume Snapshot Service (also known as "Volume Shadow Copy") so you can back up files on a live system.

Source: MSDN Blog Archive.



Instalación de Windows

  • La última vez que instalé Windows 10, realicé la partición a través de Gparted (formato NTFS) antes de iniciar la instalación de Windows. Luego, durante la instalación de Windows, al momento de seleccionar la partición en donde sería instalado Windows, seleccioné la partición que había creado previamente con Gparted. Es importante precisar que no seleccioné la opción que generaba el formateo de la partición (por el instlador de Windows). También se debe notar que en el esquema de particionamiento que realicé (antes de iniciar la instalación de Windows) no dejé nada de espacio «unallocated». Todo el disco fue dividido en distintas particiones sin dejar espacio «unallocated»
Ahora, luego de realizar la instalación de la forma descrita arriba, Guindows tuvo la brillante idea de colocar sus archivos de arranque (boot) en mi partición de datos (1-disco_local)... Bravo Guindows!! Por tanto, grub2 mostraba a Windows en sda1 (donde está mi partición de datos 1-disco_local).
Bueno, no entraré en detalles de por qué lo anterior es una cagada. Traté de solucionarlo reubicando los archivos «boot» siguiendo algunos forums, pero mis intentos fueron en vano.
Investigando para tratar de dar con la razón del por qué Guindows hizo esto, encontré que Windows 10 (al menos el 10) tiende a crear una partición aparte para el «boot». Ahora, no sé realmente como y donde crea esta partición, pues las veces que he instalado Windows 10, no veo esta partición a través de ningún programa que muestre las particiones en el disco como Gparted. Al aprecer es posible que esta partición esté de alguna forma escondida y que ésta y la partición que alberga el resto de los archivos se muestren como una sóla.
Ahora, lo que hize para solucionar el problema fue instalar Windows nuevamente. Esta vez, en el esquema de particionamiento de mi disco, dejé espacio «unallocated». Además, durante la instalación de Windows, al momento de seleccionar la partición donde sería instalado Windows, seleccioné la opción que formatea la formación antes de instalar el sistema. De esta forma, los archivos del boot no se crearon en ninguna de las otras particiones de mi disco. Tampoco se creó ninguna nueva partición en el disco. El espacio «unallocatted» permaneció intacto. Al final parece ser que los archivos de boot se crearon en la misma partición en donde se encuentran el resto de los archivos. Creo que lo que hay que hacer para evitar que el boot sea creado aparte es seleccionar la opción de formateo durante la instalación de Guidows.



Windows 7

Lo instalé correctamente en una ocasión. Para crackearlo creo que lo único que tuve que hacer fue colocar una de las claves que se encuentran en el archivo ./Windows Loader/Keys.ini



Windows 10

  • Luego de instalarlo, Windows pedirá la clave de activación. Podemos, sin embargo, indicar <Activar luego> y empezar y utilizar Windows.



Craquear Activation

  • Para craquearlo, en nuestro directorio «Windows10/Tools_info» se encuentran los siguientes archivos:
    • Windows 10 Pro X64 6in1 OEM MULTi-12 Aug 2015 {Generation2}: Aquí se muestra una descripción de los archivos de esta carpeta.
  • Keys: Contiene códigos de activación. No me funcionaron para realizar la activación de Windows. So, no sé para que sirve.
  • How to activate: Este video muestra como craquear/activar Windows a través de «Microsoft Toolkit 2.5.3»


Entonces, el craqueo/activación se realizará a través del programa «Microsoft Toolkit 2.5.3»:

  • Ejecutamos el programa
  • Click en el Windows Button (al lado de Settings) to load Windows Toolkit. El Boton de al lado is to load the Office Toolkit (no soporta Office 2016)
  • Luego de load the Windows Toolkit, se mostrará la descripción del producto en la cual dice: «Product: Windows 8.1». No sé por que se refiere a la versión 8.1, pero funcionó correctamente para la activación de Windows 10.
  • Luego vamos a la pestaña "Activation"
  • En "Tool:" dirá por defecto "AutoKMS" (lo dejamos así)
  • Click en Install: Se imprimirá cierta información en la cónsola. Nos percatamos de obtener el mensaje: "AutoKMS was succesfully installed"
  • Luego hacemos click en "Activate". Nuevamente se imprimirá cierta información en la cósola: "Product activation successful"
  • Listo! podemos cerrar el «Microsoft Toolkit 2.5.3»


  • Luego, para comprobar que la activación se ha realizado con éxito podemos ir al «File Explorer» (esto no tiene que ver con el «Microsoft Toolkit 2.5.3»; me refiero al explorador de archivos normal que usamos en Windows): Click derecho en «This PC > Properties:»
Así, se desplegará el «View basic information about your computer» donde encontraremos: "Windows is activated" en lugar del "Windows is not activated" que se mostraba antes de ejecutar el «Microsoft Toolkit 2.5.3».
  • Listo! :)



Instalación de softwares en Windows


Office

Para instalar Office2016 ejecutamos setup32.exe o setup64.exe en la carpeta office.

Para crackearlo se debe usar el KMSpico 10.1.9 Portable. Debemos entonces ejecutar el AutoPico.exe. Con el Microsoft Toolkit 2.5.3.rar no se puede crackear porque éste no soporta la versión 2016 de office.

De esta forma lo instalé correctamente en la computadora de Bethania.


Antes de utilizar el KMSpico debemos to turn off Windows Defender Antivirus, pues el Defender borraría automáticamente algunos archivos ejecutables de KMSpico: https://www.tenforums.com/tutorials/5918-turn-off-windows-defender-windows-10-a.html


Luego de craquear es apropiado to turn on Windows Defender again: Settings (Tecla Windows + i) > Update & Security > Windows Defender > Use Window Defender > Start now



Instalar los programas de Adobe

Adobe Acrobat Reader DC (Versión gratuita) puede ser descargado de la página Web Oficial de Adobe:

https://get.adobe.com/fr/reader/otherversions/

También se puede téléchargez une version d'essai gratuite d'Acrobat Pro DC:

https://www.adobe.com/fr/downloads.html

https://acrobat.adobe.com/fr/fr/free-trial-download.html?trackingid=KLBBQ



WinRar

Lo instalé correctamente en la computadora de Bethania a través del ejecutable en WinRAR5.11FR_32et64_PreCrack-delta.zip

Éste ya viene precrackeado así que no es necesario ejecutar un crack luego de la instalación.



Windows administration


Rename the OS

  • Go to Control Panel and choose the System icon
  • Click «Change Settings» > Change:
    • Lo llamaremos DC2017279, then click OK and restart PC



Set up a Networks with server and client

Aquí se harán varias acotaciones para el caso de Virtual networks, porque hemos estado realizando nuestras practicas en una virtual network.

Para que dos computadoras estén conectadas (ping each other):

  • Configurar las IP addresses de ambas devices to be in the same subnet.
  • Asegurarse de que el «ICMP port» está abierto, which is the port that PING uses.
  • Configuring the internal virtual network (VirtualMachines).



Configurar the IP address

Hay dos formas de obtener una IP address:

  1. Estática
  2. Dinámica with DHCP (Dynamic Host Configuration Protocol).



Configure Network Card (NIC) with static IP Address or dynamic IP addressing (DHCP)

Control Panel > Network and Sharing Center > Manage network conections > Local Area conection > Properties > Internet Protocol Version 4 (TCP/IPv4) [click on Properties] > Use the follosing IP address



Static

IP address: 192.168.1.100 (Server 1)

IP address: 192.168.1.200 (Server 2)

Subnet mask: 255.255.255.0

Default gateway: 192.168.1.1


Prefered DNS server: 192.168.1.100

Alternate DNS server:



Dynamic IP addressing (DHCP)

To configure your computer to get an IP address automatically from DHCP (and remove the static IP Address) en el mismo panel donde se configuró el IP estático, click on «Obtain an IP address automatically» and «Obtain DNS server address automatically from DHCP»


((

El comando «hostname» despliega el nombre de la computadora: adelo-laptop

You can ping the IP address or the hostname ping adelo-laptop

))



Asegurarse de que el «ICMP port» está abierto, which is the port that PING uses


Make sure the Windows firewall is not blocking ICMP

Para que el ping se realice con exito entre las dos computadoras hay que asegurarse de que el Firewall no está impidiento la comunicacion.

The Windows firewall may be blocking ICMP which is the port that PING uses. To see if this is the problem try lowering the firewall temporarily (remember to turn it back on afterwards).

To turn Windows Firewall off:

Control Panel > Windows Firewall > To turn Windows Firewall on or off >

Lowering the firewall is not a great solution! Why? Because it is a security violation! A better solution is to make a port exception in the firewall

Another way to open the ICMP port is to configure the Advanced Firewall settings:

  • Start > Administrative tools > Window Firewalls wiht advanced security >
    • Inbound rules > File and printer sharing (echo request ICMPv4-Out (clic d: Enable rule))
    • Outbound rules > File and printer sharing (echo request ICMPv4-Out (clic d: Enable rule))

Enable the rule for both Inbound and Outbound ICMP Ports as shown below.

The easy way to allow PING’s ICMP packets is to «turn on Network Discovery» and «File Sharing» :

Control Panel > Network and Sharing Center > Sharing and Discovery (Opciones en el menú que se encuentra en la parte inferior)

También, si vamos a: Control Panel > Network and Sharing Center > View computers and devices (Network): Aquí, si el Network Discovery ans File Sharing ar turned off, aparecerá una pestaña en la parte superior que indicará lo anterior. Haciendo click en dicha pestaña podemos activarlo.



Configuring the internal virtual network (VirtualMachines)

VirtualMachines use an internal virtual network. To access the external network (for Internet or to communicate with external computers) your network card must be set to Bridged. Perhaps it is set to NAT which could possibly prevent internal communications.

  • From the «Machine» menu (en las pestañas superiores correspondientes al VirtualBox) > Settings > Network:
    • Attached to: NAT - This is the default setting for the Virtual Switch.
    • Attached to: Bridged Adaptor - Bridged Adaptor can bridge you to the host network to help you get Internet access and access your host computer.
    • Attached to: Internal Network - If you are using a DHCP server on your virtual machine DON'T use the Bridged Adaptor setting or you can cause your DHCP server to give out bad address to the people on the real network! So, if you are going to have a DHCP server on the Virtual Network use the Internal Network setting.

Make sure that all of the Virtual Machines in the Virtual network use the same switch settings!!!

Note: when your VMs are on the Internal setting you will not have Internet access in your VM.



Creating a First Windows Server 2008 R2 Domain Controller

Just as a reminder…always use static IP addresses for your domain controllers, and since this is the first DC in the forest the DNS Server IP should be the loopback address. That means that all DNS requests will be resolved by the DNS service on this server.

Para crear el DC se emplea el programa dcpromo. Podemos ejecutarlo en el terminal y se desplegarán las ventanas que nos permitirán crear el DC:

Luego de ejecutar dcpromo:

  • The system is now checking if all prerequisites are installed, if not it will install them automatically.
  • After the prerequisites are installed the Active Directory Domain Services Installation Wizard appears. We don’t care about the advance features right now, so just click Next to continue.
  • The second screen is telling us that improved security is made in this version of Windows, and older versions of Windows like NT might have some problems. For this lab we are OK, just click Next.
  • This is where all begins; we have two radio buttons on this screen Existing Forest, and Create a new domain in a new forest. If you already have a domain controller on your network, the first one is your choice (not our case), and the second one is for those that are installing a brand new domain controller. As you might guest by now the second one is the one that we are going to choose, so click the second option Create a new domain in a new forest and hit the Next button.
  • In the Name the Forest Root Domain screen we need to type the FQDN of our domain. In my case I will type vkernel.local. Alway put a FQDN in the box and not just a simple name like vkernel or microsoft.
  • After it verifies that the name is unique in the network, we need to set a Forest Functional level on the next screen. Here click the drop down box and select Windows Server 2008 R2 so we can take advantage of all the new features included in this version of Windows.
  • In the Additional Domain Controller Options screen we have only one option that we can modify, the DNS server; but we are not going to, because we have no internal DNS server in our network, and Active Directory cannot live without it. Leave everything as it is and click Next.
  • We are warned that a delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. This is because it can’t find an authoritative DNS server with a zone (in my case) vkernel.local, witch is OK because this is going to be our first DNS server too. Just ignore the message and click Yes to continue.
  • Here we choose where the Active Directory database and logs are going to reside. For now just leave the defaults and click Next.
  • Now we need to set a password for the Active Directory Restore Mode, in case something happens with our database and needs to be restored. Put a strong password and click Next.
  • Click Next on the Summary page so the installation of Active Directory Domain Service will begin.
  • After restart we can verify if Active Directory and DNS services are installed and functioning. Go to Start > Administrative Tools > Active Directory Users and Computers, and DNS.
  • We are now done installing the first Domain Controller in the forest.



DHCP - Creating a DHCP Infrastructure

Estas notas se derivan de la guía proporcionada por el Prof.: DHCP_basics.pdf (excelente guía para entender los conceptos básicos)

Dynamic Host Configuration Protocole (DHCP) allows you to asign IP addresses, subnet mask, and other configuration information to Client computers on a local network. When a DHCP server is available, computers that are configured to obtain an IP address automatically request and receive their IP configuration from that DHCP server upon starting.

You must have have the following in place:

  • Two nerworked computers running Windows server 2008 R2.
  • The first computer must be a Domain Controller (named DC2017279) in a domain named DC2017279.cct. DC2017279 must be assigned a static IP address, with the DNS server specified as the same address. DC2017279 includes the sever rolel Active Directory Domain Sservices (AD DS) and DNS server.
  • The second computer (Client2017279) must be assigned an static IP address too. Its DNS server must be specified as the IP address of DC2017279. Finally, Client2017279 must be joined to the «cct» Active Directory domain.



Understanging DHCP address assignment

The actual negociation between DHCP client and DHCP server occurs in four stages:

DHCP address assignment process
  • Broadcast DHCP Discovery: The client Broadcasts a DHCP Discovery message to the local network to identify any available DHCP servers. This broadcast reaches only as far as the nearest router.
  • Respond with DHCP offer: If a DHCP server is connected to the local network, it broadcast a DHCP offer messaget for the DHCP client. The DHCP message contains a list of DHCP configuration parameters and an available IP addresss form the DHCP scope. If the DHCP server has an IP address reservation that matches the DHCP client's MAC address, it offers the reserved IP address to the DHCP client.
  • Respond with DHCP request: The client responds to the DHCP message and requests the IP address contained in this DHCP offer message. Alternatively, the client might request the IP address that was previously assigned.
  • Confirm with DHCP Ack: If the IP address request by the client is still available, the DHCP server responds with a DHCP Ack (acknowledgement) message. The client can now use the IP address.
DHCP address assignment process show in network monitoring. Ver explicación de esta figura en la guía proporcionada por el Prof.: DHCP_basics.pdf



Understanding address leases

Every DHCP server mantains a database of address that the server can distribute to clients. The DHCP server assigns addresses in the form of a lease that last six or eight days (depending on configurations). To prevent an IP address from being indefinitely assigned to a client that has disconnected from the network, DHCP servers reclaim addresses at ehe and of the lease period. A la mitad del lease periodo, el cliente submit a lease renewal to the DHCP server. If the DHCP server is online, this tipically accept the renewal, and teh lease period restart. If the DHCP server is not available after 87.5 percent of the lease tiem has elpased, de client attempts to locate a new DHCP server and possibly adquire a new IP address.



Undestanding DHCP Scopes

The scope is the rage of IP addresses the DHCP server can provide. Este rango de IP addresses es configurado en el DHCP server.



Understanding DHCP options


Installing and configuring a DHCP server in Windows Server 2008


Adding the DHCP server role
  • To install and configure a DHCP server, first be sure to assign the server a static IP address that will be compatible with the address range planned for the local subnet
  • After you have assigned the server static IP address, use the «Add Roles Wizard» to add the DHCP server role on the computer. You can lanch the Add Role Wizard in the Initial configuration Task window or in the «Server Manager»
    • To access the «Add Roles Wizard» in Widows Server 2018: Stat > Server Manager: Action > Add Roles
  • When you select the DHCP sever role check box on the select server role page of the Add Roles Wizard, the Wizard presents you with the following configuration pages:
    • Select Network Connection Blinding: Aquí se especifica el network adapter or adapters the DHCP server will use to service clients. If yout DHCP server is multihomed this option will give you the opportunity to limit DHCP service to only one network.
    • Specify IPv4 DNS Server settings
    • Specify IPv4 WINS Server settings
    • Add or Edit DHCP scopes: Each subnet can have only a single DHCP scope with a single continuous range of IP Addresses:
      • Scope name: this option has not effect on DHCP clients. It is merely a name you can use to label the scope. En este ejemplo se le colocó el nombre del dominio.
      • Starting IP Address and Ending IP Address: You should use the consecitive addresses that make up the subnet for which you are anabling the DHCP service. However you should also be sure to exclure from this range any statically assigned addresses for existing or planned servers on your network. For example, on the same subnet, you need to assign a static IP address to the local DHCP server, a router (default gateway), and any DNS server, WINS servers, and domain controllers. To exclure these adresse, you can simply choose to limit the scope range so that it doesn't include any of the static addresses assigned to servers. For example, in the subnet 192.168.0.0/24, you coukd keep the addresses 192.168.0.1 - 192.168.0.20 for your static addressed servers so you will difine the scope as 192.168.0.21 - 192.168.0.254.
      • Subnet Mask
      • Default Gateway (optional): This option anable you to configure the default gateway address que será asignada al DHCP client
      • Subnet type: This option allows you to assign one of the two lease duration to the scope. By defaul, the scope is set to the Wired subnet, which configure a lease duration of six days. The alternative setting is wireless, for which the lease duration is 8 hours.
      • Activate this scope
    • Configure DHCPv6 Stateless Mode: If yout choose to disable stateless addressing, you will later need to create a scope for an IPv6 addres range... (en nuestra configuración dejaremos la opción por defecto: Enable DHCPv6 Stateless Mode for this server)
    • Specify IPv6 DNS Server settings
    • Authorize DHCP server: This page give you the opportunity to authorize a DHCP server for use in an Active Directory domain. In AD Domain environements, a DHCP server will not issue IP addresses to clients unless the server is authorized (in fact, the DHCP server will shut down if the server is not authorized). Esto reduce el riesgo de que un usuario (accidentalmente o intencionalmente) cree un DHCP server que asigne direcciones IP inválidas a los clientes DHCP.



Post installation configurations

Create address exclusions:

An exclusion range is a set of one or more IP addresses that is included within the range of a defined scope but that you don't want to be lease to clients.

To do that, in the DHCP console tree, navigate to:

  • DHCP\<server node>\IPv4\Scope\Address Pool (Click d sobre la Address Pool folder) and then choose New exclusion range
  • Then in the Add exclusion dialog box that opens, configure the range of addresses you want to exclure. If you want to delate a single address, specify the start IP address and and IP address as the same. You can create more than one exclusion range.


Creating reservations:

Si queremos que una IP address en particular sea siempre otorgada a un dispositivo, tenemos que hacer uan reservation. Para esto debemos asociar la IP Address con la MAC address del dispositivo al cual queremos asignar dicha IP address. Reservations ensure that a specified hardware divice on the subnet can alway use the same IP address without relying on a manually configured address. For examplo, if you have defined the range 192.168.0.11 - 192.168.0.254 as your DHCP scope, you can then reserve the IP address 192.168.0.100 within the scope for the network adapter whose hardware address is 00-b0-d0-01-18-86.

The advantage of a reservation, compare to a manually configured address, is that it is centrally managed and less likely to be configured incorrectly. The disadvantage is that its address is assigned late in the startup process and depends on the presence of a DHCP Server.

To create a reservation, in the DHCP console tree, navigate to:

  • DHCP\<server node>\IPv4\Scope\Reservations (Click d sobre la reservation folder) and then choose New reservation
  • In the New reservation dialog box that opens, specify a name, IP address and MAC address


Adjusting lease durations:

  • Open the properties of the scope whose lease duration you want to adjust. You can asjust the lease duration on the General tab in the Lease Duration for DHCP clients area.



Password policies and Account lockout policies


Password policies

In a Windows Server 2008 R2 domain, the defaul settings of the password policies are:

  • Maximum password age: Users are required to change their password every 42 days.
  • Enforce password history: Esta opción asegura que el nuevo password usado por el usuario no sea el mismo que ha usado previamente. El número de previos password que es usado para comparar el nuevo password es determinado por el «Enforce password history». Por defecto, Windows almacena los últimos 24 passwords (hash codes).
  • Minimum password age: 1day. Si un usario quisiera usar el mismo password cuando el password ha vencido, podrían simplemte cambiar el password 25 veces para superar el password history. Para evitar esto, la opción «Minimum password age» impide que el password sea cambiado en el lapso de tiempo especificado. Por defecto, el usuario tendría que cambiar el password una vez al día por 25 días para poder usar el mismo password.
  • Minimum password length: At least seven characters long.
  • Password must meet complexity requirements (Enable by defalt): Password must including the use of three of four characters types: uppercase, lowercase, numeric, and non alphanumeric.
  • Store passwords using reversible encryption (Disabled by default):

Para cambiar las configuraciones por defecto hay que ir a:

Start > Administrative tools > Group Policy Management. There, within the Domain name (Domain2017279.cct) hacer clic derecho en «Default Domain Policy» > Edit. Luego de eso se abrirá la ventana «Group Policy Management Editor». Then, > Conputer configuration > Policies > Windows Settings > Security Settings > Account Policies > Password Policy



Account lockout policies

An intruder might determine the correct password by guessing or by repetedly logging on with combinations of characteres or words until the logon is successful. This type of attact can be thwarted by limiting the number of incorrect logons allowed. That is exactly what account lockout policies achieve.


Three setttings are related to account lockout:

(1) Acccount Lockout threshold determines the number of invalid logon attempts permitted within a time specified by the second of these settings, (2) Account Lockout Duration. If an attack results in more unsuccessful logons within that time frame, the user account is locked out. When an account is locked out, active directory denies logon to that acccount, even if the correct password is specified.. You can also configure Active Directory to automatically unlock the account after a delay specified by a third setting, the (3) Resset Account Lockout Counter After policy setting.

Las configuración del Account lockout se hacen en el mismo pandel en donde se configura el Password Policy: > Account Policies > Account lockout Policy



Connect to another computer using Remote Desktop Connection

https://support.microsoft.com/en-ie/help/17463/windows-7-connect-to-another-computer-remote-desktop-connection



Mount a partition

Montar un disco o partición.

Luego de instalar Windows, en: This PC > "Devices and Drives" no se mostraba la partición NTFS en donde guardo todos mis archivos. Para montar y poder acceder a dicha partición desde "Devices and Drives" en el File "Explorer" (como se accede an C:, por ejemplo) lo único que tuve que hacer fue ir a:

  • Control Panel > System and Security > Administrative tools > Computer Management > Disk Management:
    • Right-click en la partición > Change Drive Letter and Paths > Add > Assign the following drive letter:

Luego de asignarle una letra, la partición se encontraba en "Devices and Drives" y se podía acceder a ella.

https://www.drivereasy.com/knowledge/how-to-fix-no-bootable-device-error/

https://windowsforum.com/threads/windows-boot-manager-on-wrong-drive.222903/

https://www.sevenforums.com/installation-setup/189387-system-reserved-partition-wrong-drive-how-do-i-move.html