Tired of dealing with password resets

Issue Description ============== Password Expiration Policy     Issue Resolution ============== Click Start > Search for Windows PowerShell > Right click ‘Run as administrator’. To establish connection, Open Windows Powershell (Run as administrator) then enter the Global Admin credential (Email address format) after running below script   $cred = Get-Credential   Set-ExecutionPolicy Unrestricted   $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection   Import-PSSession $Session     Then we need to make sure we have Microsoft Online Module for Powershell already installed, in case if we don’t please download it from below source :   64 … Continue reading Tired of dealing with password resets

What does a fake voicemail virus email get you?

Well, for one example, here’s what Windows Defender Offline (http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline) found from a scan of an infected machine. Fortunately the user powered down the computer immediately after realizing he had been had. Rogue:Win32/WinwebsecTrojanfile:D:\ProgramData\hDa3n3aV\serv.batfile:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\Antivirus Security Pro support.urlfile:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\Antivirus Security Pro.urlfolders:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\ TrojanDownloader:Win32/Kuluoz.Dcontainerfile:D:\Users\–username-removed–\Downloads\VoiceMail_Seattle_(206)4581802.zipfile:D:\Users\–username-removed–\AppData\Local\dqegmcmb.exefile:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Recent\VoiceMail_Seattle_(206)4581802.lnkfile:d:\users\–username-removed–\Downloads\VoiceMail_Seattle_(206)4581802.zip->VoiceMail_Seattle_(206)4581802.exeregkey:HKCU@S-1-5-21-3504191443-3983057376-3714753911-2621\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\ojphvgtgrunkey:HKCU@S-1-5-21-3504191443-3983057376-3714753911-2621\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\ojphvgtg A tip for you. After running the cleanup removal in Windows Defender Offline, reboot the machine with network disconnected to a Microsoft ERD Commander disc and use the registry editor and Windows Explorer to check the work of the cleanup tool and ensure everything is out of there. Then reboot and run … Continue reading What does a fake voicemail virus email get you?

Need to pull data from your Exchange 2007 – 2013 logs?

Here’s how using PowerShell in the Exchange Management Shell: get-messagetrackinglog -EventID “RECEIVE” -Start “10/22/2013 10:30:00 AM” -End “10/22/2013 4:00:00 PM” -ResultSize Unlimited |fl >c:\trackinglog.txt By the way, the “-ResultSize Unlimited” will get you the full results to your text file and not truncate it.