Kurt Shintaku's Blog

Looking for yet another way to quicken your Windows 7 boot up time?

This application enumerates all devices, detects ghosted devices and removes these if they match selectable devices types and/or devices classes with a single mouse-click.

Just another way to speed up boot times of Windows 7 x86/x64.  [Use with caution]

• DOWNLOAD: Ghostbuster for Windows 7
  http://bit.ly/dS5d3K

This is hilarious and it’s made my computing day that much more tolerable.

I hate waiting for file copies or for Outlook to come up, etc. etc.  This is a tool that kicks in whenever you are waiting for some process to complete.  It actually plays elevator music in the background and it humorously makes waiting that much more tolerable.  It works when accomplishing tasks like file copies, etc.

DOWNLOAD:  “Instant Elevator Music” – Free elevator music tool during wait periods on Windows Vista/7
http://bit.ly/fYaXsY

Whoa.  We’ve got a promo going that allows you to get an Xbox 360 game FREE when you buy any Windows Phone 7 device!

Visit http://xbx.lv/haCSlv for more information!

Want a framework for responding to malware that might hit your organization?  Here’s a document that helps lay that plan out for you.  Here’s the table of contents of this 55 page document:

Contents

• The Planning and Design Series Approach. 1
• Introduction to Malware Response. 2
• Step 1: Confirm the Infection. 4
• Step 2: Determine Course of Action. 8
• Step 3: Attempt to Clean the System.. 14
• Step 4: Attempt to Restore System State. 22
• Step 5: Rebuild the System.. 25
• Step 6: Conduct Post Attack Review.. 28
• Conclusion. 29
• Appendix A: Malware Security Products at a Glance. 30
• Appendix B: Examining Malware’s Effects on a System.. 31
• Appendix C: Create an Offline Scanning Kit. 43
• Version History. 54
• Acknowledgments. 55

As a member of the Security Solution Accelerator review community your feedback is needed on the Infrastructure Planning and Design Guide for Malware Response Beta. This guide replaces the popular Malware Removal Starter Kit: How to Combat Malware Using Windows PE.

About the guide. Plan the best and most cost-effective response to malicious software by using the Infrastructure Planning and Design Guide for Malware Response. This guide assists organizations in determining the appropriate response strategy to an incident or outbreak of malware. The guide discusses three primary recovery methods: cleaning the system, recovering system state, and rebuilding the system. Each method presents different risks to the organization. The guide also describes approaches to investigating outbreaks and cleaning infected systems. Read this guide to make an informed decision about how to return the systems to operation while limiting the organization’s exposure.

Download the Beta! Get the Infrastructure Planning and Design guide for Malware Response by visiting the Microsoft Connect Web site at: 
https://connect.microsoft.com/site715/content/content.aspx?ContentID=23467

After a very successful launch of System Center Service Manager 2010 last April, Microsoft is pleased to announce the release of Service Pack 1, which will be available globally for download on December 16, 2010.

System Center Service Manager 2010 SP1 addresses critical feedback received from customers and partners and provides greater language support, improved performance capabilities, and a number of usability enhancements. This service pack releases no new feature sets as the next version (R2) of SCSM is expected by the end of next calendar yr (2011).

In addition to the additional language support, over 500 improvements were made to address issues and customer change requests.

System Center Service Manager 2010 SP1 is available through the Microsoft Download Center from December 16th 2010 here.
http:// www.microsoft.com%2fdownloads%2fdetails.aspx%3fFamilyID%3d5118055b-9cd7-45cd-bae6-7fc287d832d7

Details on System Center Service Manager 2010 and the rest of the System Center suite can be found at http://www.microsoft.com/scsm

Get registered early… get a FREE subscription to Technet Professional & $300 off!

Full conference registration types and prices

The full conference registration fee for attendees includes breakfast, breaks and lunch each day of the program (Mon-Thu), attendee bag, notebook, pen, attendee shirt, name badge, lanyard, reception food, access to the Closing Attendee Party, and a 12 month Not For Resale (NFR) version of TechNet Subscription Professional.

Get Ahead Savings. $300 Savings. US $1,895 Register by December 31, 2010. Register Today Registration Assistance

Registration Type	Prices	Availability
$500 Super Early Bird	US $1,695	Register by June 30, 2010
$300 Get Ahead Savings	US $1,895	Register by December 31, 2010
$200 Last Chance Savings	US $1,995	Register by February 28, 2011
Standard	US $2,195	Register beginning March 1, 2011

http://northamerica.msteched.com/Registration

Interested in tethering your Samsung Focus to a Windows 7 x64 installation?

I got these instructions from a coworker… and being that I don’t have a Samsung Focus but rather a LG Quantum, I haven’t personally tested these instructions.  So “caveat user”.

Note that while in “tethering mode,” phone will not sync with Zune over USB, nor will wireless sync work, even if it’s set up.  Switching back to “Zune mode” will re-enable this.  Use wap.cingular in the init string (see below) if you don’t have a tethering-enabled data plan (and use judiciously so you don’t get caught by AT&T), otherwise use isp.cingular.

• The driver package is available here:
  http://www.evilkoala.org/download/
  SAMSUNG_USB_Driver_for_Mobile_Phones.exe

Enabling the phone:

1. If "Diagnosis" app shows in app list, select it to access diagnostic keypad, otherwise go to dialpad and dial ##634#, then hit the call button.
2. Using diagnostic keypad, dial *#7284# to bring up the USB Path Control settings.
3. Select the tether mode.  Allow phone to be restarted.  Zune sync won’t work while in this mode.  Use same steps to switch back to Zune sync mode.

Setting up Win7 x64 driver/modem:

1. Run "SAMSUNG_USB_Driver_for_Mobile_Phones.exe" to get the modem drivers installed.
2. Connect Focus via USB.  Drivers should be installed successfully.
3. New modem, "SAMSUNG Mobile Modem," is installed.
4. Open Device Manager, find the modem, and open its properties.
5. In the Advanced tab, set the extra initialization commands textbox to:
   AT+CGDCONT=1,"IP","isp.cingular" ("wap.cingular" is the "non-tethering" access)
6. Disconnect Focus and repeat steps 2-5 for every other USB port that might be used in the future.  For each port, a new modem entry will be added (with a sequential number), and each one needs to have its initialization string set.

Setting up the DUN connection:

1. Make sure the Focus is connected via USB, that the phone has been enabled for tethering, and that the drivers and initialization settings are taken care of.
2. Open the Network and Sharing Center.
3. Click the link to set up a new connection.
4. Select to set up a dial-up connection.
5. If prompted to select a modem, select the Samsung modem.
6. The number to dial is *99#
7. The username is left blank
8. The password is left blank

Sateesh Arveti, a Support Engineer for our Developer products in Microsoft India, produced a rather nice little tool similar to the 2005 MSI extraction tool, “Less MSIerables” from http://www.softpedia.com/get/Programming/File-Editors/Less-MSIerables.shtml.  It’s a bit more comprehensive however in that it doesn’t just do file extraction but also allows property modification so you can do things like redirect the install directory path, etc.

[Taken from the original post at http://blogs.technet.com/b/sateesh-arveti/archive/2010/11/21/msi-explorer.aspx]

Most of us are quite familiar in creating MSI or Setup for our applications. By using a MSI, we can make sure all dependencies for running the application will be placed properly. MSI is the best option available on Windows OS for packaging and distributing our application. For .NET developers, Visual Studio presents lot of features in creating setup and deployment projects for our application. But, there are no built-in tools in Visual Studio to look into the MSI contents. And that too, to make a small change in MSI, it requires rebuilding the entire Setup Project. So, I think it’s better to design an application that will analyze the MSI and give the details of it along with capability of updating it without rebuilding.

Features present in this application:

• It allows us to look into the contents of the MSI.
• It allows us to export the contents of the MSI.
• It allows us to update commonly changing properties without rebuilding it.
• Easy to use UI.
• Now, Updating an MSI is quite simple.

…

• DOWNLOAD:  MSI Explorer
  http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-37-00-80/MSI-Analyzer.zip

Atlanta is a secure cloud service that helps SQL Server customers reduce server downtime, improve server performance and proactively avoid server configuration problems.  Additionally, Atlanta provides step-by-step guidance to help customers more rapidly resolve identified issues.  This service is backed by Microsoft Customer Service and Support professionals who have access to the latest configuration best practices which they will use to help you with your  SQL Server deployment.

What are the benefits of Microsoft codename “Atlanta?”
Today, DBAs spend a great deal of time and effort dealing with problems related to misconfiguration of their SQL Server deployments.  Due to a time lag between making a SQL Server configuration change, awareness and exploration of a configuration-related issue, and final resolution of the issue, DBAs are often not aware of issues until they cause performance and availability issues.  This costs organizations time and money.  

“Atlanta” will help resolve these challenges by helping customers to:

• Proactively avoid SQL Server problems through ongoing and secure configuration assessment and alerts from the cloud;
• Reduce downtime and improve performance of Microsoft SQL Servers through proactive scanning for known configuration issues and comparison with best practices;
• Resolve issues faster through the ability to share configuration data with Microsoft Customer Service and Support – providing access to a current view of your configuration and then receiving input from Microsoft on the latest solutions.

Get started with Microsoft code-named “Atlanta” today!

• To get started, visit the Microsoft code-named “Atlanta” Beta web site! The beta program is open to all customers based in the US. You can also visit the Microsoft code-named “Atlanta” Connect web site, where you can send feedback directly to the Atlanta product team. Learn more on the official “Atlanta” homepage.

And “Forefront Endpoint Protection 2010” (FEP2010), the successor to “Forefront Client Security” (FCS) has released to manufacturing. 

Forefront Endpoint Protection is our “v2.0” version of our Antivirus/Anti-malware product for the Enterprise and includes some phenomenal improvements over our already excellent FCS product – which had won acclaim as one of the top 3 antivirus products by such evaluators as AV-Comparatives, AV-Test, and VB100 certifications.

Here’s some past posts about Microsoft’s excellence in Antivirus technology:

• NEWS: Microsoft’s free “Security Essentials” beats Symantec head-to-head… YET AGAIN.
  https://kurtsh.wordpress.com/2009/12/02/news-microsoft%e2%80%99s-free-%e2%80%9csecurity-essentials%e2%80%9d-beats-symantec-head-to-head%e2%80%a6-yet-again/
• NEWS: CERN replaces Symantec with Microsoft Forefront Client Security
  https://kurtsh.wordpress.com/2009/09/11/news-cern-replaces-symantec-with-microsoft-forefront-client-security/
• INFO: Forefront Client Security surges past McAfee, TrendMicro, NOD32, Sophos
  https://kurtsh.wordpress.com/2007/09/24/info-forefront-client-security-surges-past-mcafee-trendmicro-nod32-sophos/
• NEWS: Microsoft tops latest AV-Comparatives’ testing (05/2009)
  https://kurtsh.wordpress.com/2009/06/01/news-microsoft-tops-latest-av-comparatives-testing-052009/

Here’s the announcement of Forefront Endpoint Protection 2010’s release:

We are extremely excited to announce that Forefront Endpoint Protection 2010 (FEP) has released to manufacturing!  Customers can access the RTM release on the Microsoft Volume Licensing Service Center (VLSC) starting Jan. 1, 2011 — or try the evaluation version immediately. 

This is our first – and very significant – step in making the convergence of desktop security and management a reality.  Customers using System Center Configuration Manager 2007 can now quickly and efficiently deploy, configure, manage, update, and report on FEP protections, helping to lower infrastructure costs and improve overall security.  And since both products are included in the Enterprise CAL (ECAL), customers who purchase ECAL automatically get access to all the licenses they need to implement the solution.  To make deployment easier, FEP will even identify and replace the existing antimalware agents you may have previously installed.

Customers have already begun seeing the advantages of bringing together powerful antimalware protection with their existing infrastructure for deploying, patching, and updating client systems.  A large university medical center that participated in our Technology Adoption Program (TAP) said the following about their experience using FEP in their 50,000 desktop environment: 

Read more at the Forefront Team Blog:

• Announcing Forefront Endpoint Protection 2010!
  http://blogs.technet.com/b/forefront/archive/2010/12/16/announcing-forefront-endpoint-protection-2010.aspx