Restoring Windows Index Database

I haven’t been here for a while, which is kind of an understatement. To be more accurate, “seems like you have died” is
closer to the truth. Well, the news of my demise was obviously exaggerated, which means that I am writing here now, yet it’s not going to be a regular thing.


What happened is that I got annoyed, so I decided to dust off my technical skills (a lot of dust) and take care of what annoyed me. 


Lately, my main tool of trade is e-mail. As such, I use Outlook on Windows 8. As most people (or at least so I assume) I heavily rely on the
search abilities of Windows. Most of the time, everything is good, but once in a while something causes the system to recreate the index database.


This means that while the system re-indexes all my items I can’t execute any searches accurately (again with the understatements). Now considering that
I have about 400K+ items, this might take a while, effectively ruining my day… So I decided to do some research and try to understand if it’s possible to back up
the search database and restore it in such cases.


DISCLAIMER: This method is not endorsed or recommended by Microsoft (as far as I know). This might actually damage your computer and data.
This is something I found while personally exploring.



Use this at your own risk!



It turns out that the database is located under ‘C:\ProgramData\Microsoft\Search\Data’. To back up this directory I did the following:


  1. Stop the ‘Windows Search’ service. Please note that you should move it to ‘Disabled’ or it will restart.
  2. Copy the directory to an alternate location.
  3. Start the service and move it back to ‘Automatic (Delayed Start)’.

To restore:


  1. Stop the ‘Windows Search’ service. Please note that you should move it to ‘Disabled’ or it will restart.
  2. Rename the current ‘Data’ directory to something else.
  3. Copy your backup to the original location.
  4. Start the service and move it back to ‘Automatic (Delayed Start)’.
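
The backup and restore steps above as one script. This is an added example, not part of the original post. It assumes the short service name `WSearch` for ‘Windows Search’, a backup location of `D:\SearchIndexBackup`, and an elevated PowerShell prompt; `sc.exe` and `robocopy.exe` are the stock Windows tools.

```powershell
# Added example: backup/restore of the Windows Search index, following the steps above.
# Run from an elevated prompt: .\SearchIndex.ps1 -Mode Backup   (script name is an assumption)
param(
    [Parameter(Mandatory)][ValidateSet('Backup', 'Restore')][string]$Mode,
    [string]$BackupDir = 'D:\SearchIndexBackup'      # assumed location, change to suit
)
$ErrorActionPreference = 'Stop'
$DataDir = 'C:\ProgramData\Microsoft\Search\Data'    # path given in the post
$Service = 'WSearch'                                 # short name of 'Windows Search'

function Stop-SearchService {
    # Disable first, otherwise the service restarts on its own (step 1).
    Set-Service -Name $Service -StartupType Disabled
    Stop-Service -Name $Service -Force
    (Get-Service -Name $Service).WaitForStatus('Stopped', '00:01:00')
}

function Start-SearchService {
    # Set-Service in Windows PowerShell has no delayed-start value, so use sc.exe.
    & sc.exe config $Service start= delayed-auto | Out-Null
    Start-Service -Name $Service
}

function Copy-Tree([string]$From, [string]$To) {
    # /E = include subdirectories; /SEC = keep the NTFS ACLs, so the copy
    # stays as restricted as the original directory.
    & robocopy.exe $From $To /E /SEC /R:1 /W:1 /NFL /NDL /NP | Out-Null
    if ($LASTEXITCODE -ge 8) { throw "robocopy failed with exit code $LASTEXITCODE" }
}

Stop-SearchService
try {
    if ($Mode -eq 'Backup') {
        Copy-Tree $DataDir $BackupDir
    } else {
        if (-not (Test-Path -LiteralPath $BackupDir)) { throw "No backup found at $BackupDir" }
        # Keep the current index under a new name instead of deleting it (restore step 2).
        $stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
        Rename-Item -LiteralPath $DataDir -NewName "Data.old-$stamp"
        Copy-Tree $BackupDir $DataDir
    }
}
finally {
    # Always put the service back, even when the copy failed.
    Start-SearchService
}
```

The `finally` block matters here: if the copy fails midway, the service would otherwise stay disabled and search would silently stop working.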

 


What I found was that all of my searches continued working as if nothing had happened. In other words, the service was restored
in seconds.


One caveat: when I started Outlook it kept saying that the results might be incomplete as indexing is in progress, but from what I saw
all the results were returned correctly. Eventually Outlook re-indexed all my items, but this didn’t stop me from working or searching
among my 400K+ items while it did so.

Microsoft Security Essentials – Beta

Anti-Virus (AV) and Anti-Malware software has always been a necessary evil to me. I managed to
go on for years without installing any type of such protection because I believed that if you are
an experienced enough user, you won’t be infected. I saw no reason for installing an additional
piece of software on my system that would eat up precious RAM and instigate disk activity without
any direct benefit to me except protection from some “unknown and harmful software”.

Years passed by and I got none the wiser while malware kept on developing, and eventually I broke down
and installed an AV. I have switched between several commercial pieces of software and it has always annoyed me
how bloated these applications were and how they affected the performance of my system.
As free applications became available I started using them, always trying to find the one with the smallest footprint.

In August 2009, Microsoft released their first version of Microsoft Security Essentials. One of the first
things that made me happy was that it was a very thin layer that integrated into your system and had
a minimal (to none) impact on performance while providing the required protection.

Almost a year after the initial release, a new beta version has been released.

What’s New in the Microsoft Security Essentials beta?

This Beta version of Microsoft Security Essentials includes these new features and enhancements to better
help protect your computer from threats:

  1. Windows® Firewall integration: Microsoft Security Essentials setup allows you to turn on Windows Firewall.
    So this one had me wondering: I mean, what’s the big deal here… does it really deserve a mention
    in the ‘What’s new’ section? Actually it does, because it shows how Microsoft is looking at security as
    one whole unit. Security is a layer cake, each layer should be protected and installing only one system might
    provide a sense of security that is actually false, so yes, reminding you to turn on your firewall (if for some odd reason
    you decided to turn it off) is a big deal.
  2. Enhanced protection from web-based threats: Microsoft Security Essentials has enhanced integration with Internet
    Explorer® which helps prevent malicious scripts from running and provides improved protection against web based attacks.
    Microsoft Security Essentials works with Internet Explorer to scan script-based content and help protect you against online
    threats such as drive-by downloads, malvertising, exploits and redirection attacks before they have a chance to compromise
    your computer. When Microsoft Security Essentials detects potentially malicious content in a web page, it immediately blocks
    the content and displays a notification on your desktop. You can choose to block or allow the content to run.
  3. New and improved protection engine: The updated engine offers enhanced detection and cleanup capabilities
    and better performance.

Download

To download the beta you should go to:

https://connect.microsoft.com/securityessentials

Once you are logged in with your account you will receive access to the beta. Please note that some limitations exist as you
can see from the screenshot below:

image image

*Some issues with downloading the software have been reported, yet currently it seems to be functioning quite well.

 

Installation

  1. Basic welcome screen, license and ‘Customer Experience’ screens:
    image image image
  2. If you would like to turn on your firewall, this is the screen to do it. If you turned it off and would like to leave it off,
    uncheck the checkbox:
    image
    To be honest I found this screen somewhat confusing. In my opinion if your firewall is on, it shouldn’t appear at all
    since it causes me to think that if I uncheck the checkbox it might turn my firewall off…and it may also raise the
    question of what will happen if I check the checkbox when my firewall is already on (based on my test, nothing)…
    Not a big deal but a bit confusing.
  3. Installation process:
    image image image
  4. Once the process is complete, you will have to restart your system. After the restart make sure to update:
    image

Configuring

For a standard user there is not much left to do and the defaults are fine. If you still want to play around with the
settings, open Microsoft Security Essentials (MSE) and go to the ‘Settings’ tab:

image

  1. Scheduled Scan – Quite self explanatory so I won’t add anything here.
  2. Default Actions – This part of the tab defines how MSE will handle threats it identified. For a detailed description
    of the methods click here.
  3. Real-time protection – Enables you to turn off/on the real time protection engine. Note the checkbox at the bottom
    of the page enabling network protection against exploits of known vulnerabilities.
  4. Excluded files and locations/Excluded file types/Excluded processes – Specify any exclusions you might need.
  5. Advanced – A couple of unchecked options that might be of interest here:
    Scan Removable Drives – When running a ‘Full Scan’ the software will not scan removable drives.
    If you have an external HD (USB) connected to your system
    you should check this checkbox to make sure that it is scanned during full scans.
    The second option to have a look at is the option of ‘Creating a system restore point’ before cleaning your computer.
    This might be beneficial if the malware used may render your computer unusable. Using system restore you might
    return to a usable but infected state.
  6. Microsoft Spynet – Allows you to configure participation levels.

Usage

To test the behavior of MSE, I downloaded the EICAR Anti-Malware file located at:
http://www.eicar.org/anti_virus_test_file.htm

MSE ran its magic, suspended the content and warned me about the existence of the threat:

image

As I asked for additional details, MSE allowed me to decide what to do next and provided detailed information about the threat:

image

 

Conclusions

MSE is a free, ‘thin’, and very effective anti-malware software. It has all the features required to protect your
system and considering that this is a beta, the new version looks very promising.

Intel Xeon 5500 series Blue Screen with Hyper-V (Win2K8 R2)

From the KB:

  • A computer is running Windows Server 2008 R2 and has the Hyper-V role installed.
  • This computer has one or more Intel CPUs code-named Nehalem installed. For example, the Nehalem CPU for a server is from Intel Xeon processor 5500 series and for a client is from Intel Core-i processor series.

In this scenario, you receive the following Stop error message:

0x00000101 (parameter1, 0000000000000000, parameter3, 000000000000000c)

CLOCK_WATCHDOG_TIMEOUT

 

http://support.microsoft.com/kb/975530

Writing again?!

It has been a long time since I wrote. A lot of things happening, but none of them can explain my absence.

It’s going to be a real challenge trying to write again, but I feel that I have no choice. I decided, as a resolution,
to write at least two posts per month…

Removing items from the ‘Run’ window history

I have quite a few annoying habits, and some of them have to do with how I work with computers.
One of these little annoying habits is accessing specific locations and applications on a system from
the ‘Run’ window. Some of you may say that it’s so eighties since we have the search box in Vista
and 7 but I still like it. It’s a simple and quick process: Press Start+R, write the location and you are
there. Better yet, if it’s an item you already used it’s stored in history so you don’t have to re-type
the full path or name, and this was the point where it got annoying…

When looking at the history of the Run command I found quite a few items that no longer existed
there, obviously I wanted to remove them. I tried highlighting them and pressing Del to no avail.
Eventually I found that the history items are stored per user in the registry, specifically at the following
path: HKEY_CURRENT_USER → Software → Microsoft → Windows → CurrentVersion → Explorer → RunMRU.

image

As you can see, the items stored in history are arranged in values (REG_SZ) from a to z. Every time you enter
a new item in the Run dialog box it is stored under a “free” letter. Once you hit Z, you can no longer add items
to your history.

Since I have deleted some of the files that they refer to, some of these values have become stale, yet they
still linger on, while others are still useful and I would like to keep them around. The simplest way to clear the
list of stale entries is to simply delete them from the registry (as usual, be very careful when messing around
with the registry as you may render your system unusable).

Once deleted, they will disappear from the list and allow new entries to be added.

I also noticed that the MRUList value has a list of the alphabet letters based on the order in which the values were created.
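
The clean-up described above, scripted. This is an added example, not part of the original post. The `-Remove` switch and the `Test-TargetExists` helper are names made up for this example, and the script relies on one detail the post does not mention: Explorer stores each command with a trailing `\1`.

```powershell
# Added example, not from the original post. Run as the user whose history is checked.
param([switch]$Remove)      # without -Remove the script only reports

$key   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'
$props = Get-ItemProperty -Path $key
$order = [string]$props.MRUList

function Test-TargetExists([string]$Command) {
    # An entry may carry arguments ("C:\tools\x.exe /v"), so treat it as live
    # when any space-delimited prefix of it exists on disk.
    $parts = ($Command -replace '"', '') -split ' '
    for ($n = $parts.Count; $n -ge 1; $n--) {
        $candidate = $parts[0..($n - 1)] -join ' '
        if ($candidate -and (Test-Path -LiteralPath $candidate)) { return $true }
    }
    return $false
}

$report = foreach ($letter in [char[]]'abcdefghijklmnopqrstuvwxyz') {
    $name = [string]$letter
    $raw  = $props.$name
    if ($null -eq $raw) { continue }               # letter not in use
    $cmd    = $raw -replace '\\1$', ''             # strip the trailing "\1" marker
    $target = [Environment]::ExpandEnvironmentVariables($cmd)
    # Only drive-letter and UNC paths are judged; "cmd", "regedit" or URLs are kept.
    $isPath = $target -match '^"?(?:[A-Za-z]:\\|\\\\)'
    [pscustomobject]@{
        Value   = $name
        Command = $cmd
        Stale   = $isPath -and -not (Test-TargetExists $target)
    }
}
$report | Format-Table -AutoSize

if ($Remove) {
    foreach ($entry in $report | Where-Object Stale) {
        Remove-ItemProperty -Path $key -Name $entry.Value
        $order = $order.Replace($entry.Value, '')  # keep MRUList consistent
    }
    Set-ItemProperty -Path $key -Name MRUList -Value $order
}
```

Review the report before running with `-Remove`: a share that is merely unreachable at the moment is reported as stale too.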

BitLocker To Go Reader

BitLocker protection on removable drives is known as BitLocker To Go. When a BitLocker-protected
removable drive is unlocked on a computer running Windows 7, the drive is automatically recognized
and the user is either prompted for credentials to unlock the drive or the drive is unlocked automatically
if configured to do so. Computers running Windows XP or Windows Vista do not automatically recognize
that the removable drive is BitLocker-protected. With the BitLocker To Go Reader users can unlock the
BitLocker-protected drives by using a password or a recovery password (also known as a recovery key)
and gain read-only access to their data.

 

Download it here.
