Removal instructions for Object_Browser_v1

What is Object_Browser_v1?

The Malwarebytes research team has determined that Object_Browser_v1 is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements

Windows X Feature Request (and Interim Solution): Wildcard HOSTS file entries

Be sure to check out my recent blog post regarding my Windows X Feature Request (and Interim Solution): Wildcard HOSTS file entries. Here is an excerpt:

As a consultant building multiple web applications, especially solutions built with the Sitecore Experience Platform, I would spend too much time adjusting entries in my C:WindowsSystem32driversetchosts file. If you are unaware of what the hosts file is, you can find out all about it and it‚Äôs history in this Wikipedia article: Some time ago I started implementing what should be a simple standardization best practice: all my local development sites utilize a common top level domain ‚Äď .local instead of .com. I have seen others use .dev and any other non-typical top level domain would work just as well.

Source: ASPAdvice Blog

Run with PowerShell

Came across  something new today ‚Äď Run with PowerShell.


if you have PowerShell 3.0 or later installed ‚Äď right click on your script and select ‚ÄúRun with PowerShell‚ÄĚ


A few rules though ‚Äď The script can‚Äôt take parameters or output anything to the prompt. You can‚Äôt interact with the script or the console window.


Execution policy is set to Bypass ‚Äď not sure I like that idea  – unless the ExecutionPolicy is Allsigned in which case only signed scripts can be run this way.  See about_Run_With_PowerShell for more details

DSC for Exchange

A series of posts on using the Exchange DSC resources ‚Äď starts here

Removal instructions for CinemaxME

What is CinemaxME?

The Malwarebytes research team has determined that CinemaxME is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

FBI Study – over 500,000,000 accounts exposed in past 12 months

The FBI and other authorities have quantified the many data breaches seen in past year.¬† The use of “hacked” means security records were exposed and these actual account information may or may not have been downloaded¬†by the¬†bad guys¬†in the process.

QUOTE: WASHINGTON ‚ÄĒ Federal officials warned companies Monday that hackers have stolen more than 500 million financial records over the past 12 months, essentially breaking into banks without ever entering a building.

“We’re in a day when a person can commit about 15,000 bank robberies sitting in their basement,” said Robert Anderson, executive assistant director of the FBI’s Criminal Cyber Response and Services Branch.

The U.S. financial sector is one of the most targeted in the world, FBI and Secret Service officials told business leaders at a cybersecurity event organized by the Financial Services Roundtable. The event came in the wake of mass hacking attacks against Target, Home Depot, JPMorgan Chase and other financial institutions.

Nearly 439 million records were stolen in the past six months, said Supervisory Special Agent Jason Truppi of the FBI. Nearly 519 million records were stolen in the past 12 months, he said.

About 35% of the thefts were from website breaches, 22% were from cyberespionage, 14% occurred at the point of sale when someone bought something at a retail store, and 9% came when someone swiped a credit or debit card, the FBI said.

About 110 million Americans ‚ÄĒ equivalent to about 50% of U.S. adults ‚ÄĒ have had their personal data exposed in some form in the past year, said Tim Pawlenty, president of the Financial Services Roundtable and the former governor of Minnesota.

About 80% of hacking victims in the business community didn’t even realize they’d been hacked until they were told by government investigators, vendors or customers, according to a recent study by Verizon cited by Pawlenty.

Spybot Search & Destroy Weekly Update – October 22, 2014


++ Ad.CheckMeUp ++ Ad.PremierOpinion
+ myPCBackup
++ Win32.Bezha + Win32.Muollo + Win32.Qhost.ahnj + Win32.Ramnit.F
Total: 2601013 fingerprints in 810919 rules for 7354 products.


Microsoft Security Advisory Notification Issued: October 21, 2014

Security Advisories Updated or Released Today

* Microsoft Security Advisory (3010060)
– Title: Vulnerability in Microsoft OLE Could Allow Remote Code
– ¬Ľ¬∑¬∑¬∑/3010060
– Revision Note: V1.0 (October 21, 2014): Advisory published.

Conferencias en Argentina: Ruby, Python, Smalltalk, PHP, Uqbar, JSConf

Esta es la época de las conferencias, en la primavera de mi pais, Argentina. Tenemos para todos los gustos. Las que tengo presentes son:

RubyConf 2014
Octubre 24, 25, Buenos Aires

PyCon 2014
del Jueves 13 de Noviembre al Sábado 15, Rafaela, Santa Fé

Smalltalks 2014
Noviembre 5 al 7, Córdoba, Córdoba

PHP Conference 2014
Noviembre 7 y 8, Buenos Aires

Uqbar WISIT 2014
Noviembre 28 y 29, 2014, Buenos Aires

JSConf 2014
Noviembre 29, Buenos Aires (parece que es un solo día)

Nos leemos!

Angel ‚ÄúJava‚ÄĚ Lopez

Swift Programming 101: Inheritance & Polymorphism

Step-by-step tutorial teaches you inheritance and polymorphism in Swift!

All the best! 
Kevin McNeish 
Author: iOS App Development for Non-Programmers book series 
Twitter: @kjmcneish 

Data Breach – Early reports for possible Staples compromise

Hopefully the scope of the latest will continue to be isolated to about a dozen of the 1800 stores nationwide.  During WSJ report this morning, it was noted that approximately 400 million accounts have been compromised over the past year collectively by the many firms impacted.

QUOTE: Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach. Staples says it is investigating ‚Äúa potential issue‚ÄĚ and has contacted law enforcement.

According to more than a half-dozen sources at banks operating on the East Coast, it appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey.

Framingham, Mass.-based Staples has more than 1,800 stores nationwide, but so far the banks contacted by this reporter have traced a pattern of fraudulent transactions on a group of cards that had all previously been used at a small number of Staples locations in the Northeast.

The fraudulent charges occurred at other (non-Staples) businesses, such as supermarkets and other big-box retailers. This suggests that the cash registers in at least some Staples locations may have fallen victim to card-stealing malware that lets thieves create counterfeit copies of cards that customers swipe at compromised payment terminals.

Real patch pain metrics

Humor me please?

If you can recall a patch directly causing impact to your systems please email me directly Рemail (change the -at- to @) with the KB number and what it impacted please?  I would love to put together a list of real patch pain, and not just perceived patch pain.

Fact:  There have been a lot of non security updates that are impacting our patching views.

(I’m looking at you Exchange)

Case in point:
8/26/2014    CU 6 for Exchange 2013

Fact:  There have been a lot of click to run issues impacting our patching views:

6/13/2014    Click to run        Uninstall/reinstall
5/22/2014    Click to run        Activation issues

Fact:  There have been hiccups in Office releases Рespecially in regards to Outlook:
8/13/2014    Outlook 2013    KB2881011    Replaced with KB2889859

Lord knows KB2919355 has impacted my view of this year.

Off the top of my head these are recent pulled patches:
MS14-045 pulled and rereleased.
KB2949927 pulled

Anytime you see a Kernel update, expect slight turbulence especially in the consumer side.  Kernel updates interact with malware infected machines, pirated machines and antivirus vendors that get a little too much protection efforts.

I see the problem as a bit like the Ebola scare in the USA.¬† We’re scared because of a lack of communication.

There’s a lack of post release follow up and communication as I see it.¬† We have no idea how many machines are impacted, we just see the social echo of headlines and twitter feeds.

I am concerned that it seems like it’s taking longer to get investigations done.

We’re a week after release date and I still haven’t a clue why KB3000061 is failing, if the RDP patch is going to get a fix or if the fix should be expected from the vendors or what.

While security patches have a known issue section, other patches need a “we’re investigating” section with follow up.

So?¬† Can you help me out with a feel on REAL patch pain versus perceived patch pain?¬† I don’t want to know “I heard about an issue on a random blog/twitter account that someone was impacted”… I want to know exactly what patch gave you pain.

Microsoft embarque Docker dans le prochain Windows Server…

Bonjour à tous,

Les annonces se font r√©guli√®res depuis juin dernier. C’est officiel !

Microsoft et Docker ont annonc√© un partenariat pour la prise en charge des conteneurs pour la prochaine version de Windows Server. Scott Guthrie, vice-pr√©sident ex√©cutif de l‚Äôactivit√© Cloud Entreprise a indiqu√© : ¬ę nous reconnaissons l‚Äôimportance d‚Äôoffrir la flexibilit√© √† nos clients qui √©volue dans un monde o√Ļ les priorit√©s sont la mobilit√© et le Cloud ¬Ľ.


Il ne s’agit pas de la première annonce de Microsoft sur Docker. Les conteneurs Linux sont déjà pris en charge dans Azure, et les deux acteurs ont travaillé sur l’intégration de l’outil d’orchestration de Microsoft Azure. Docker Hub est maintenant disponible dans Azure Management Portal et Azure Gallery.

En Juin, Microsoft Azure avait ajouté le support des conteneurs Docker sur VM Linux.
Microsoft et Docker Inc. ont annonc√© conjointement l’apport de l’√©cosyst√®me Windows Server √† la communaut√© Docker :
- dans la prochaine version de 2015 dans Windows Server,
- développement open-source de la Docker Engine pour Windows Server,
- support Azure avec les API Docker Open Orchestration,
- intégrer Docker Hub dans Azure Gallery et Management Portal.

En utilisant les conteneurs Docker sur la prochaine version de Windows Server, Microsoft met √† disposition des solutions ouvertes Docker √† la fois sur Windows Server et Linux r√©unissant les meilleures technologies de l’√©cosyst√®me Linux et Windows Server.

Plus d’informations

Ressources machine virtuelle Linux
Cr√©ation d’une machine virtuelle
Vidéo Create a Linux Virtual Machine

Bonne journée.

There are worse things than Exceptions

A¬†piece of advise I’ve given on Stack Overflow more than once is to avoid the File.Exists() method, and others like it. Instead, I’ll tell people to just use a try/catch block, and put their time into writing a good exception handler. I won’t re-hash the reasoning here, as I’ve¬†already covered it before. One of those links was¬†even Gold badge -worthy.

One of the responses I often get to this strategy is that handling exceptions is¬†slow. Why risk a slow exception handler if you can avoid it most of the time with a quick File.Exists() check? I think this argument misses the point first of all for correctness reasons. You still need the exception handler, and using File.Exists() to avoid it is a mistake. But more than that, I think that is just plain wrong about the performance issue, too. Here’s why.

Yes, handling exceptions is expensive from a performance standpoint; very expensive. Let’s get that out of the way: I’m not trying to say that exceptions should be your first choice in every situation. The list of things you can do in programming that are slower is very short. However, the list is not empty. Do you know what’s worse than exceptions? I/O. Disk and Network are far and away worse. Let me explain. Here’s a link and except that show just how much worse they can be:

Latency Comparison Numbers
L1 cache reference                            0.5 ns
Branch mispredict                             5   ns
L2 cache reference                            7   ns             14x L1 cache
Mutex lock/unlock                            25   ns
Main memory reference                       100   ns             20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy              3,000   ns
Send 1K bytes over 1 Gbps network        10,000   ns    0.01 ms
Read 4K randomly from SSD*              150,000   ns    0.15 ms
Read 1 MB sequentially from memory      250,000   ns    0.25 ms
Round trip within same datacenter       500,000   ns    0.5  ms
Read 1 MB sequentially from SSD*      1,000,000   ns    1    ms  4X memory
Disk seek                            10,000,000   ns   10    ms  20x datacenter roundtrip
Read 1 MB sequentially from disk     20,000,000   ns   20    ms  80x memory, 20X SSD
Send packet CA->Netherlands->CA     150,000,000   ns  150    ms

If thinking in nanoseconds isn’t your thing, here’s another reference¬†that normalizes a single¬†CPU cycle as 1 second and scales from there:

1 CPU cycle             0.3 ns      1 s
Level 1 cache access    0.9 ns      3 s
Level 2 cache access    2.8 ns      9 s
Level 3 cache access    12.9 ns     43 s
Main memory access      120 ns      6 min
Solid-state disk I/O    50-150 őľs   2-6 days
Rotational disk I/O     1-10 ms     1-12 months
Internet: SF to NYC     40 ms       4 years
Internet: SF to UK      81 ms       8 years
Internet: SF to AUS     183 ms      19 years
OS virt. reboot         4 s         423 years
SCSI command time-out   30 s        3000 years
Hardware virt. reboot   40 s        4000 years
Physical system reboot  5 m         32 millenia

Taking even the best-case scenario for exceptions, you can access memory at least 480 times while waiting on the first response from a disk, and that’s assuming a very fast SSD. Many of us still need spinning hard-drives, where things get much, much worse.

For a comparison reference, Jon Skeet has blogged about exception handling, where he was able to handling them at a rate of between 42 and 188 per millisecond. While there were some issues with his benchmark, I think the point is spot on: relative to other options, exceptions may not be as bad as you think.

And that’s only the beginning of the story. When you use .Exists(), you incur this additional cost (and it is an addition: you have to do the same work again when you go to open the file) on every attempt. You pay this costs whether the file exists or not, because the disk still has to go look for it in it’s file tables. With the exception method, you only pay the extra costs like¬†unwinding the call stack in the case of failure.

In other words, yes: exceptions are horribly costly. But compared to the disk check, it’s still faster — and not by just a small margin. Thankfully, this is unlikely to drive your app’s general performance… but I still want to put to bed the “exceptions are slow” argument for this specific task.

Windows 10 Tech preview.. Part 5

OK. I am up and running again, but parallel booting with Windows 8, so I can’t easily compare the two side by side.

The right click options from the Start button are impressive, better than the older classic Start menu in fact if you are into Control Panel applets..

  1. Programs and Features
  2. Power Options
  3. Event Viewer
  4. Device Manager
  5. Networks
  6. Disk Management
  7. Command Prompt
  8. Command Prompt + admin
  9. Task Manager
  10. Control Panel
  11. File Explorer
  12. Search
  13. Run

There‚Äôs something there for everybody, and picking #10 gets you the whole ‚Äė10‚Äô yards anyway.

Unfortunately, Microsoft wants everybody to use the tiles to access music, pictures, people, calendar, camera, mail etc, but the tile apps are basic and unreliable, something that comes across clearly in the Microsoft forums. The unreliability is a major issue in Windows 8, badly needs to be sorted, but will it be sorted in time for the Windows 10 release?

The best Microsoft option for photos, mail and calendar is still Windows Live 2012 in my opinion. They work and are reliable.

It is annoying that there is a small limit as to what can be added to the new Start menu, and for this reason I have brought back the Quick launch toolbar such that I can accommodate what I use daily.

Maybe Microsoft will look at this. For users who like the animated tiles, there is only space for five I think, and that is too small an amount. User choices are good and something badly lacking in Windows 8/8.1, and not a lot better in the Windows 10 preview.

There are other changes, less obvious, but Windows 10 will be judged on out of the box usability, not on how good Command Prompt has become. .

One last thing.. what happened to WordPad? There isn’t even a tile version of it.


Check out my first four Modules now in the Sitecore Marketplace

Be sure to check out my recent blog post where I go over details regarding my first four Modules now in the Sitecore Marketplace, here is an excerpt:

While delivering some recent training sessions I provided for a customer, I covered many of the areas where Sitecore is both customizable and extensible. And, if you are like me and like to explore all the new features that are released with each Sitecore version, you probably also found it absurd that getting to some of these features was too much of a manual process. At least I did.

Read the rest here.

Source: ASPAdvice Blog

Getting ready for a test run

Getting ready for a migration at the office from the 2008 R2 era HyperV to a 2012 R2 era hyperV

iphone 064

And as the server sounds like a jet engine taking off…

it always makes me laugh how small the drives are, and how big the unit it

iphone 065

Makes ya wanna buy more hard drives and fill that sucker up.

So one of the things I’m doing this time is rather than doing a router in front of the server to separate out from the production network, I’m trying a virtual router

Fastvue Sophos Reporter How to Deploy Sophos UTM on Hyper-V in 7 Simple Steps:

So far it’s not as simple as that leads one to think it is.¬† I obviously have networking/binding to the nics mucked up because it won’t find the web console address.

I’ll try again tomorrow and let you know how I get along with a virtual router.


Une montre connectée Microsoft désormais imminente…

Bonsoir à tous,

Selon Forbes, les développements sont désormais bien avancés puisque cet appareil devrait voir le jour dans les toutes prochaines semaines…

Bonne soirée.

OT: Cuando me miro al espejo. (Week Joke)

Dime obsesivo… pero me gustar√≠a¬†desvelar la¬†extra√Īa raz√≥n de porque √ļltimamente¬†me invade¬†la inquietante sensaci√≥n de que se me ha pasado el arroz!… alguna idea?



A los veteranos se nos hace dif√≠cil¬†alcanzar a los j√≥venes¬†por su¬†gran capacidad¬†en ‘cores’, aunque pens√°ndolo bien¬†y a estas alturas pudiendo elegir no se si preferir√≠a la hiperactividad de un mont√≥n de diminutos ‘cores’ dif√≠ciles de manejar,¬†frente a¬†un¬†‘cuore’ de los de ‘sin prisas pero sin pausa’¬†con¬†sus¬†inherentes capacidades para compartir¬†‘things’.

Con el tiempo quiz√°s¬†la simultaneidad¬†cu√°ntica¬†se reinvente¬†en¬†un¬†modelo¬†positr√≥nico¬†simple “como el de Asimov :-)” …¬†dejando a¬†la¬†‘core mania’¬† en¬†una pura an√©cdota¬†dentro de¬†la evoluci√≥n del silicio,¬†con¬†su algorimetrica¬† del ¬†paralelismo y¬† asincron√≠a.

Lo mejor esta por venir!!

Upgrading PowerShell

The Scripting Guy has started a series on upgrading the version of  PowerShell you run.  My article in the series is out today –

Recent Comments