The Malwarebytes research team has determined that Easy Deals is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
One of the extras in PowerShell 5.0 is a couple of cmdlets for working with zip archives. Actually, you’ll find they are PowerShell advanced functions if you look in the module, which you’ll find at C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Archive
You get 2 cmdlets:
£> Get-Command *archive | ft CommandType, Name -a
$files = Get-ChildItem -Path C:\Scripts -Filter *.csv | select -ExpandProperty Fullname
Compress-Archive -Path $files -DestinationPath C:\Scripts\t1.zip -CompressionLevel Optimal
or a single file
Compress-Archive -Path c:\scripts\test.csv -DestinationPath C:\Scripts\t2.zip -CompressionLevel Optimal
Expand-Archive -Path C:\Scripts\t1.zip -DestinationPath c:\scripts
If you need to overwrite files:
Expand-Archive -Path C:\Scripts\t1.zip -DestinationPath c:\scripts -Force
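A pre-flight check for the -Force case above, as an added example that is not part of the original post: it lists which files Expand-Archive would overwrite and flags any entry whose path resolves outside the destination. The function name Test-ArchiveExtraction and the scratch files under $env:TEMP are constructed for the illustration.

```powershell
# Added example: inspect an archive before running Expand-Archive -Force.
Add-Type -AssemblyName System.IO.Compression.FileSystem

function Test-ArchiveExtraction {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $DestinationPath
    )
    # Trailing separator so a sibling such as C:\Scripts2 cannot pass the prefix check.
    $root = [System.IO.Path]::GetFullPath($DestinationPath).TrimEnd('\') + '\'
    $zip  = [System.IO.Compression.ZipFile]::OpenRead((Resolve-Path -LiteralPath $Path).ProviderPath)
    try {
        foreach ($entry in $zip.Entries) {
            # Combine() returns a rooted entry name unchanged, so absolute
            # entry paths fail the prefix check as well as ..\ sequences.
            $target = [System.IO.Path]::GetFullPath([System.IO.Path]::Combine($root, $entry.FullName))
            $inside = $target.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)
            [pscustomobject]@{
                Entry              = $entry.FullName
                Target             = $target
                OutsideDestination = -not $inside
                WouldOverwrite     = $inside -and (Test-Path -LiteralPath $target -PathType Leaf)
            }
        }
    }
    finally { $zip.Dispose() }
}

# Constructed sample: a scratch folder with one CSV, zipped and then checked
# against the same folder, so the CSV is reported as an overwrite.
$work = Join-Path $env:TEMP ('archive-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $work | Out-Null
'a,b' | Set-Content -Path (Join-Path $work 'test.csv')
$zipPath = "$work.zip"
Compress-Archive -Path (Join-Path $work 'test.csv') -DestinationPath $zipPath -CompressionLevel Optimal

$report = Test-ArchiveExtraction -Path $zipPath -DestinationPath $work
$report | Format-Table Entry, OutsideDestination, WouldOverwrite -AutoSize

# Extract with -Force only when nothing would land outside the destination.
if (-not ($report | Where-Object OutsideDestination)) {
    Expand-Archive -Path $zipPath -DestinationPath $work -Force
}
Remove-Item -LiteralPath $work, $zipPath -Recurse -Force   # clean up the scratch files
```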
The Malwarebytes research team has determined that System Support is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
- Quickly Get the Data You Need for Troubleshooting Exchange Server 2013 Problems
- The fallacy of the workstation File Share Witness
- Microsoft Issues Advice on SSL 3.0 Security Vulnerability
- Appointments reappear in OWA calendar as one Chrome bug is fixed
- Set rules with Office 365 message classification
- Three ways to manage user accounts in Office 365
- How can I delete Exchange audit logs?
- Why is my Exchange Server connection on the fritz?
- How does write back cache improve performance?
- What are write back cache’s requirements?
- Three questions to ask when you work on Office documents in the web
- Exchange Server 2013 Configuration Management with PowerShell DSC
- Customized Exchange2007MBtoMEU.ps1 Script for Office 365 Migrations
- Come get your Calculator Updates!
- How to transition your current SMTP service to EOP in 45 minutes or less
- Planning and Migrating a Small Organization from Exchange 2003 to Exchange 2013 (Part 15)
- Traveling between time zones
- Add shortcuts to your own locations in the Save, Open, Attach File and Insert Picture dialogs
- AQS and KQL: Two query languages for different versions of Exchange
- How to report spam that arrives in Office 365 to Microsoft
- Exchange 2013: In place upgrade places components in an offline state.
Microsoft has recently released the October updates for the Outlook 2007/2013 Junk E-mail Filter.
“This update provides the Junk E-mail Filter in Microsoft Office Outlook with a more current definition of which e-mail messages should be considered junk e-mail.”
There has for a long time been an issue that when you try to add a new activity to the toolbox when editing a TFS build workflow Visual Studio can crash. I have seen it many times and never got to the bottom of it. It seems to be machine specific, as one machine can work while another supposedly identical will fail, but I could never track down the issue.
Today I was on a machine that was failing, but …
But I found a workaround in a really old forum post. The workaround is to load the IDE from the command line with the /safemode flag:
"C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe" /safemode
Once you do this you can edit the contents of your toolbox without crashes, and also your template if you wish. The best part is that once you exit the IDE and reload it as normal your new toolbox contents are still there.
Not perfect, but a good workaround.
One of the more successful tools of 21st century crooks is the skimmer. Thieves attach them to ATMs, gas pumps and other places people swipe their credit and debit cards. It’s quite ingenious. Once in place, this sneaky bit of electronics steals the magnetic strip information from your card. Once the thieves have the information, it takes just moments for them to copy or clone it. And once they have a clone, they can drain your bank account or run up huge bills and trash your credit before you even know it!
Hello everyone,
Microsoft relied heavily on the feedback it received to produce this first update of Windows 10 Technical Preview.
In fact, more than 250000 messages via Windows Feedback and more than 25000 messages from the community forum were taken into account for this new build.
Microsoft also notes that it may take some time before changes based on the feedback become visible.
This first update, build 9860, has already started rolling out via Windows Update with plenty of new features, changes and improvements. Of course, there are still a few bugs and some features that are not quite finished, but the product is already well advanced.
If you do not want to wait for the automatic update, you can always run "Check for updates" from Control Panel\System and Security.
The download "weighs" between 2 and 2.74 GB depending on the language and the processor architecture.
Once build 9860 is installed, the machine will have to restart and this will take a little longer than usual, but there is no need to worry about it.
The first sign-in will also take a little longer because of the reconfiguration of applications, the search index, OneDrive synchronization, etc.
Some known issues
In this version, connecting to a Wi-Fi network is less easy, but this will be fixed in a future build.
The window design is not yet settled, but the team in charge is working on the final look.
The Internet Explorer interface may behave erratically, with menu items disappearing during use, depending on the display driver.
On the power side, there may also be some problems when going to sleep or when restarting after sleep.
Using 2 monitors can cause a blue screen on sign-out; a fix is coming.
So, what is new in this build 9860?
Microsoft speaks of more than 7000 improvements and fixes, most of them invisible to the user, made thanks to the reports submitted by users of build 9841. This shows that Microsoft really did rely on everyone's work to improve Windows 10.
The Action Center from Windows Phone arrives on Windows 10. It serves as a notification center for spotting new items, both system and application: new e-mails, Facebook and LinkedIn messages, status changes, calendar events; in short, all of it in one place.
Easily move applications from one monitor to another: when working on multiple monitors, use WIN + CTRL + <arrow> to move the active application to another monitor. You can find a list of new keyboard shortcuts for navigating and managing your multiple desktops here in this blog post.
A new option is present in Control Panel under updates: the speed at which you want to receive new builds. With "Low", the default option, you get time to use a build while other users test the newer one or ones; with "Fast", you install new builds as soon as they are available.
While waiting for it to arrive and discovering it together, have a good weekend.
**** KB30000061 is a kernel update:
KB3000061 fails to install on Server 2012: Also impacting Windows 8.
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f77691d8-a9d0-4714-98ad-71665cfa8965/kb3000061-fails-to-install-on-server-2012?forum=winserver8gen
Cases opened: 114101711916740 and 114101711915623
Status: See in that thread, Microsoft engineer in the forum is asking for cbs.log files from impacted machines. Some recommendations have been made, no solution at this time.
Two issues with KB2984972 – this is a patch to update the RDP restricted admin mode
“Heads up, KB2984972 on Server 2008R2 RD server caused issues with our Wyse thinclients – it caused them all to span desktops across multiple monitors rather than presenting multiple monitors to the host OS. After uninstalling & rebooting clients are presented with multiple monitors again.” <<<< will impact MultiPoint Server as well too <<<<<
Another thread on the issue here: http://forums.mydigitallife.info/threads/57448-KB2984972-breaks-concurrent-RDP-patch?p=960999#post960999
Status: Unknown if this is being investigated by Microsoft. Have seen some updates from the thin client vendors, so unsure if this will be patched from the vendor side or from the Microsoft side. https://serverfault.com/questions/637251/what-would-cause-wyse-c10le-thin-clients-to-suddenly-be-unable-to-use-dual-displ/637429#637429?newreg=ab71e335f34e48c2b161992751a39282 If someone has a serverfault reputation of greater than 50 can you post in there and ask them to email me at susan-at-msmvps.com (change the -at- to @) to set up a support case? I really am unsure if there are cases being worked on regarding the thin client impact and I’d love to make sure they are.
App v and KB2984972 impact:
https://social.technet.microsoft.com/Forums/en-US/c90212b0-b32c-4488-9753-fb952112828c/warning-kb2984972-and-autodeskrelated-46-appv-packages?forum=mdopappv << case opened on this issue SRX 114101611907865.
Status: Known issue now documented
Known issues with this security update
After you install this security update, virtualized applications in Microsoft Application Virtualization (App-V) versions 4.5, 4.6, and 5.0 may experience problems loading. When the problem occurs, you may receive an error message that resembles the following:
Launching MyApp 100%322756
Resolution
To resolve this known issue, configure the TermSrvReadyEvent registry entry on the computer where the Microsoft Application Virtualization Client is installed.
For Microsoft Application Virtualization 5.0
- Registry Key: HKLM\Software\Microsoft\AppV\Subsystem\ObjExclusions
Value name: 93 (Or any unique value)
Type: REG_SZ
Data: TermSrvReadyEvent
For example, type the following command at an elevated command prompt to add the entry to a system running Application Virtualization 5.0:
reg add HKLM\Software\Microsoft\AppV\Subsystem\ObjExclusions /v 93 /t REG_SZ /d TermSrvReadyEvent
- For all supported x86-based systems
Registry Key: HKLM\SOFTWARE\Microsoft\SoftGrid\4.5\SystemGuard\ObjExclusions
Value name: 95 (Or any unique value)
For example, type the following command at an elevated command prompt to add the entry to an x86-based system running Application Virtualization 4.6:
reg add HKLM\SOFTWARE\Microsoft\SoftGrid\4.5\SystemGuard\ObjExclusions /v 95 /t REG_SZ /d TermSrvReadyEvent
- For all supported x64-based systems
Registry Key: HKLM\SOFTWARE\Wow6432Node\Microsoft\SoftGrid\4.5\SystemGuard\ObjExclusions
Value name: 95 (Or any unique value)
For example, type the following command at an elevated command prompt to add the entry to an x64-based system running Application Virtualization 4.6:
reg add HKLM\SOFTWARE\Wow6432Node\Microsoft\SoftGrid\4.5\SystemGuard\ObjExclusions /v 95 /t REG_SZ /d TermSrvReadyEvent
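An idempotent form of the reg add commands above, as an added example (not Microsoft's script and not the post author's): it skips keys that do not exist, leaves an existing TermSrvReadyEvent entry alone, and picks an unused value name, as the "Or any unique value" note allows. The function name Add-TermSrvReadyExclusion is hypothetical; the key paths, starting value names and data are the ones in the known-issue text.

```powershell
# Added example: apply the KB2984972 App-V workaround without clobbering
# existing ObjExclusions values. Run elevated to make changes.
function Add-TermSrvReadyExclusion {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string[]] $KeyPath = @(
            'HKLM:\Software\Microsoft\AppV\Subsystem\ObjExclusions',                       # App-V 5.0
            'HKLM:\SOFTWARE\Microsoft\SoftGrid\4.5\SystemGuard\ObjExclusions',             # x86-based systems
            'HKLM:\SOFTWARE\Wow6432Node\Microsoft\SoftGrid\4.5\SystemGuard\ObjExclusions'  # x64-based systems
        )
    )
    foreach ($key in $KeyPath) {
        if (-not (Test-Path -LiteralPath $key)) {
            # That App-V version is not installed here; nothing to configure.
            [pscustomobject]@{ Key = $key; Status = 'KeyNotPresent'; ValueName = $null }
            continue
        }
        $item  = Get-Item -LiteralPath $key
        $names = $item.GetValueNames()
        $hit   = $names |
                 Where-Object { $item.GetValue($_) -eq 'TermSrvReadyEvent' } |
                 Select-Object -First 1
        if ($hit) {
            [pscustomobject]@{ Key = $key; Status = 'AlreadySet'; ValueName = $hit }
            continue
        }
        # Start at the value name the article suggests and skip any name in use,
        # so an unrelated exclusion stored under 93 or 95 is never overwritten.
        $n = if ($key -like '*\AppV\*') { 93 } else { 95 }
        while ($names -contains "$n") { $n++ }
        if ($PSCmdlet.ShouldProcess($key, "add REG_SZ value $n = TermSrvReadyEvent")) {
            New-ItemProperty -LiteralPath $key -Name "$n" -PropertyType String `
                             -Value 'TermSrvReadyEvent' | Out-Null
            [pscustomobject]@{ Key = $key; Status = 'Added'; ValueName = "$n" }
        }
    }
}

# Dry run: reports current state and what would be added, changes nothing.
Add-TermSrvReadyExclusion -WhatIf
```

Rerun without -WhatIf from an elevated session to write the value; the returned objects give a per-key record that can be collected across machines.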
KB2949927 – the SHA-2 update: Also seeing issues with KB2949927 getting installed: https://social.technet.microsoft.com/Forums/en-US/bc191121-94ab-483f-ae9f-d5056ca3aae5/kb2949927-fails-to-install-if-bitlocker-fvevol-service-is-disabled?forum=w7itproinstall and http://www.bobistheoilguy.com/forums/ubbthreads.php/topics/3511807/KB2949927_failing_to_install
STATUS: KB2949927 has been pulled from Microsoft update on 10/17/2014
Then KB2995388 8.1 cumulative update causing issues with VMware workstation:
Workstation 10 issue with recent Microsoft Windows 8.1 Update | VMware Workstation Zealot – VMware Blogs:
We noticed that a recent Windows 8.1 Update (KB2995388) may cause issues when running VMware Workstation on a Windows 8.1 host with this update installed. User will see an error message “not enough physical memory” when booting up a virtual machine
STATUS: per the thread reinstalling vmware 10 will fix the issue, unsure if this patch will be redone or merely the recommendation will be to reinstall VMware
2990942 ASP. MVC security update
Microsoft Asp.Net MVC Security Update MS14-059 broke my build! – .NET Web Development and Tools Blog – Site Home – MSDN Blogs:
Windows Azure Pack: Cannot create Plans.:
Status: Lots of upset developers.
Driver Patch released by vendor bricks users chips
FTDI appears to have used a recent Windows update to deliver the driver update to brick all cloned FTDI FT232s.
FTDI’s surprise new driver reprograms the USB PID to 0, killing the chips instantly.
The hardware hackers at Hack A Day first reported that a recent driver update deployed over Windows Update is bricking cloned versions of the very common FTDI FT232 [USB to UART] chip
Status: A driver update delivered through Windows update supplied by a vendor was designed to nuke non genuine chips. If suddenly your clients/customers start complaining that their USB devices are missing/won’t work, it may be due to this. The vendor used the MU driver update channel to nuke unlicensed chips (Susan note: despite what the Microsoft folks say I use the driver updates offered up to me via MU as indicators I need to look for vendor drivers, I do not install them on production machines due to too many years of being burnt by them)
Adobe update 11.0.9 causes problems with opening files across network shares. Error message received is
“There was an error opening this document. The network path was not found.”
Status: Workaround to issue – disable protected mode (which is not acceptable), otherwise use Foxit or CutePDF reader as an alternative.
The Malwarebytes research team has determined that Auto Cinema is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
Derbycon 2014 Videos (Hacking Illustrated Series InfoSec Tutorial Videos):
I highly recommend spending a few hours looking around the videos here!
Microsoft has said that they plan to make this Notification Center feature in Windows 10 similar to the one in Windows Phone so there can be a unified experience for notifications.
Microsoft isn’t sure if they are going to go with the name Action Center or Notification Center for this feature yet, so it may change names in a future build of Windows 10.
“This build is focused ONLY on enabling basic notifications – quick actions and cleaner UI will come later,” explains Microsoft’s Gabe Aul.
This tutorial will show you how to open and use the Notification Center in Windows 10 build 9860.
The Malwarebytes research team has determined that Shop For Rewards is adware. These adware applications display advertisements not originating from the sites you are browsing.
When I took this job on yesterday evening, it should have been relatively simple.
The machine had picked up a variation of the FBI virus plus other stuff no doubt, but as it was to be used by somebody other than the original user and nothing had been saved, I elected to do a back to factory reset.
The first part ran well, and it wasn’t long before I had a working Windows 8. The next job was to update it to the level where I could get it up to 8.1, and this is where the first problem hit.
Checking for updates, it showed that there were 121 of them, so I set it to install. After two hours of downloading and installing, the machine rebooted and put up the message relating to FAILED updates and REVERTING back.
This morning, I decided to have another go and now there are 133 updates, so I set it to install them. Progress is slow but it accepted the first round of updates, upgraded to 8.1, ..
What really annoys me is that we sit in the MS Forums handing out advice to hapless end users that should work without a hitch, ESPECIALLY on a fresh install of Windows, and it DOESN’T work, and for no good reason.
OK.. so finally the HP is up to 8.1 Update and appears to be stable..
I have another machine here from the same client, a Toshiba laptop running Windows 7 which also needed junk removing from it. The job seemed to go well, but the system is so badly corrupted that it will hardly do anything in under 5 minutes and the HDD light is PERMANENTLY lit up. I saved all user data from it and as I type here, it is recovering back to factory default software.
Before I started the recovery, I did try restore points and noticed one which said ‘remove PCBooster’. So now I have an idea of what screwed the OS, but who installed it? I shouldn’t worry really, but I charge very little for what I do and it always includes the backing up of data because most of my clients and many more besides have no intention of ever learning how.
After having run one lot of updates after another, the Toshiba is now looking perilously close to being finished and in a state good enough to return to its rightful owner..
The Malwarebytes research team has determined that Object_Browser_v1 is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
Be sure to check out my recent blog post regarding my Windows 10 Feature Request (and Interim Solution): Wildcard HOSTS file entries. Here is an excerpt:
As a consultant building multiple web applications, especially solutions built with the Sitecore Experience Platform, I would spend too much time adjusting entries in my C:\Windows\System32\drivers\etc\hosts file. If you are unaware of what the hosts file is, you can find out all about it and its history in this Wikipedia article: wikipedia.org/wiki/Hosts_(file). Some time ago I started implementing what should be a simple standardization best practice: all my local development sites utilize a common top level domain – .local instead of .com. I have seen others use .dev and any other non-typical top level domain would work just as well.
Source: ASPAdvice Blog
Came across something new today – Run with PowerShell.
If you have PowerShell 3.0 or later installed – right click on your script and select “Run with PowerShell”
A few rules though – The script can’t take parameters or output anything to the prompt. You can’t interact with the script or the console window.
Execution policy is set to Bypass – not sure I like that idea – unless the ExecutionPolicy is AllSigned in which case only signed scripts can be run this way. See about_Run_With_PowerShell for more details
A series of posts on using the Exchange DSC resources – starts here
The Malwarebytes research team has determined that CinemaxME is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.