Thursday, February 25, 2010

Just wanted to share this.  Below is a great low-level illustration of what actually happens when a computer is infected by a virus.

The latest viruses are those pesky ones that try to tell you there is a virus on your machine and try to get you to buy software, etc.  These are all FAKE and intended to get you to put in your credit card number so it can be STOLEN.  However, some people are under the false assumption that if they ignore the issue, it will go away.  This is horribly wrong.  ANY (I said ANY) piece of rogue software installed on your machine is dangerous.  This illustration shows just one of the things that rogue software can do - it can turn your machine into a remote-controllable BOT used to send out SPAM or carry out other large-scale attacks, often without you ever knowing.

If you ignore these issues you leave yourself wide open for Identity Theft, data theft, etc.  We all store information on our computers, and most if not all of us in the modern world use the computer to do some sort of financial transactions on the Internet.  If one of the components of the rogue software is a keylogger, then without knowing it you are sending every single letter you type to an off-site location to be collected, indexed, and inappropriately used by cyber criminals.  This all happens in "a blink of the eye".

I just watched a Sophos web seminar on the latest rogue/fake antivirus viruses.  There are reports that these viruses are now mutating at a rate of 10,000 - 20,000 TIMES A DAY.  The engine at the core of these viruses can enter your machine, search for 15-20 application vulnerabilities (Adobe, Microsoft Windows, Internet Explorer, Microsoft Office, etc) and attack any one of the vulnerabilities that it finds within seconds - all because you viewed a "safe" web page that had malicious code injected into it.

 

What can you do?  Get Clean, Get Protected, Stay Clean. 

 

Get clean - hire someone competent to professionally clean and check your computer.  Viruses hide everywhere and the only way to ensure a successful clean is a multi-pass scan solution using several different scanning products.  Your cousin, niece, son, nephew, neighbor, husband, wife, etc is NOT sufficient unless they are in the industry and are constantly studying these viruses and how to clean/prevent them.  It's YOUR DATA.  It HAS VALUE.  Do NOT COMPROMISE.

 

Get protected - purchase an AntiVirus solution or use one of the free solutions provided by Avast, AVG, etc.  These programs are changing almost daily - use the Internet to search for reviews of the latest "top 10" or hire a professional to advise you on what is best for you.

 

Stay clean - Even the best AntiVirus may not catch everything because of the high volume of mutations.  If you notice any infections or weird pop-ups, etc, chances are your computer is infected.  DO NOT IGNORE IT - it will only get worse.  Once a small piece of any rogue software has infiltrated Windows, it will talk back to its "homebase" and teach itself how to hide from even the best AntiVirus programs, inform "homebase" that it has conquered a machine, and wait for "homebase" to send additional software to the machine, to remote control the machine, or to gather data from the machine and send it back to "homebase".  One small rogue piece of software can be the pin-hole in any security strategy that allows more and more malicious software to be installed.

 

Botnet graphic

Thursday, February 25, 2010 4:56:07 PM (Central Standard Time, UTC-06:00) | Comments [0] | Viruses and Hoaxes | Viruses and Malware#
Wednesday, February 24, 2010

I recently had a user clean up a lot of pictures on their computer by moving and deleting them.  The next time the user went into Office Picture Manager, the splash screen would appear but it would never bring up the program (never meaning within 5 minutes - I have read reports that it will eventually open; it just takes time).

The problem seems to be the catalog file that OIS.exe (the Picture Manager executable) uses.  Follow these directions to reset the picture manager catalog:

- Browse to %userprofile%\Local Settings\Application Data\Microsoft\OIS.
- Locate the file named OIScatalog.cag, and double-click on it.
- When asked what you want to open the file with, choose Notepad from the list. When it opens you will see a file that looks like the following.
- Remove any lines that start with mru path. Make sure to remove the entire line including the opening/closing tags.

You can also just delete the OIScatalog.cag file, and it will be re-created the next time you open a picture.

Wednesday, February 24, 2010 3:04:04 PM (Central Standard Time, UTC-06:00) | Comments [0] | Windows XP | Microsoft Office#
Monday, February 22, 2010

I had an issue with a Small Business Server SBS 2003 to SBS 2008 migration where, once everything was up and running, I had problems with Outlook 2007 clients giving certificate errors.  Also, OWA (Outlook Web Access) would redirect to http://sites/owa.  The problem was the internal and external URL settings on the various transports in Exchange 2007.  This PowerShell script helped to fix the problem.  Note, some errors occurred for me but I was able to just step through the code and issue the commands to the Exchange Shell manually to get the job finished.  The main problem was the AutoDiscover Internal URI - once that was fixed the rest fell into place.

 

# Script to allow you to set all virtual directories to a common name like mail.company.com

Start-Transcript

# Variables

[string]$UMExtend = "/UnifiedMessaging/Service.asmx"
[string]$OABExtend = "/OAB"
[string]$SCPExtend = "/Autodiscover/Autodiscover.xml"
[string]$EWSExtend = "/EWS/Exchange.asmx"
[string]$ConfirmPrompt = "Set this Value? (Y/N)"
[string]$NoChangeForeground = "white"
[string]$NoChangeBackground = "red"

Write-host "This will allow you to set the virtual directories associated with Autodiscover provided services to the name you provide."
Write-host ""
[string]$base = Read-host "Base name of virtual directory (e.g. mail.company.com)"
write-host ""
# =======================================================
# Validate if a third party trusted certificate is being used
# because BITS won't use untrusted certificates
[string]$set = Read-host "Is the certificate being used an internally generated certificate? (Y/N)"
Write-host ""

if ($set -eq "Y")    {
    [string]$OABprefix = "http://"
}    else    {
    [string]$OABprefix = "https://"
}

# =======================================================
# Build the Autodiscover URL and set the SCP Value

Write-host "Setting Autodiscover Service Connection Point" -foregroundcolor Yellow
write-host ""

$SCPURL = "https://" + $base + $SCPExtend

[array]$SCPCurrent = Get-ClientAccessServer

Foreach ($value in $SCPCurrent) {
    Write-host "Looking at Server: " $value.name
    Write-host "Current SCP value: " $value.AutoDiscoverServiceInternalUri.absoluteuri
    Write-host "New SCP Value:     " $SCPURL
    [string]$set = Read-host $ConfirmPrompt
    write-host ""
    
    if ($set -eq "Y")    {
         Set-ClientAccessServer -id $value.identity -AutoDiscoverServiceInternalUri $SCPURL
    }    else {
        write-host "Autodiscover Service Connection Point internal value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
    }
}

# =======================================================
# Build the EWS URL and set the internal Value

Write-host "Setting Exchange Web Services Virtual Directories" -foregroundcolor Yellow
write-host ""

$EWSURL = "https://" + $base + $EWSExtend

[array]$EWSCurrent = Get-WebServicesVirtualDirectory

Foreach ($value in $EWSCurrent) {
    Write-host "Looking at Server: " $value.server
    Write-host "Current Internal Value: " $value.internalURL
    Write-host "New Internal Value:     " $EWSUrl
    [string]$set = Read-host $ConfirmPrompt
    write-host ""

    if ($set -eq "Y")    {
        Set-WebServicesVirtualDirectory -id $value.identity -InternalURL $EWSURL
     } else {
        write-host "Exchange Web Services Virtual Directory internal value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
     }

    Write-host "Looking at Server: " $value.server
    Write-host "Current External Value: " $value.externalURL
    Write-host "New External Value:     " $EWSUrl
    [string]$set = Read-host $ConfirmPrompt
    write-host ""

    if ($set -eq "Y")    {
        Set-WebServicesVirtualDirectory -id $value.identity -ExternalURL $EWSURL
    } else {
        write-host "Exchange Web Services Virtual Directory external value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
    }
}

# ======================================================
# Build the OAB URL and set the internal Value

Write-host "Setting OAB Virtual Directories" -foregroundcolor Yellow
write-host ""

$OABURL = $OABprefix + $base + $OABExtend

[array]$OABCurrent = Get-OABVirtualDirectory

Foreach ($value in $OABcurrent) {
    Write-host "Looking at Server: " $value.server
    Write-host "Current Internal Value: " $value.internalURL
    Write-host "New Internal Value:     " $OABUrl
    [string]$set = Read-host $ConfirmPrompt
    write-host ""

    if ($set -eq "Y")    {
        Set-OABVirtualDirectory -id $value.identity -InternalURL $OABURL
    } else {
        write-host "OAB Virtual Directory internal value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
    }

    Write-host "Looking at Server: " $value.server
    Write-host "Current External Value: " $value.externalURL
    Write-host "New External Value:     " $OABUrl
    [string]$set = Read-host $ConfirmPrompt
    write-host ""

    if ($set -eq "Y") {
        Set-OABVirtualDirectory -id $value.identity -ExternalURL $OABURL
    } else {
        write-host "OAB Virtual Directory external value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
    }
}

# =======================================================
# Build the UM URL and set the internal Value

Write-host "Setting UM Virtual Directories" -foregroundcolor Yellow
write-host ""

$UMURL = "https://" + $base + $UMExtend

[array]$UMCurrent = Get-UMVirtualDirectory

foreach ($value in $UMCurrent) {
    Write-host "Looking at Server: " $value.server
    Write-host "Current Internal Value: " $value.internalURL
    Write-host "New Internal Value:     " $UMUrl
    [string]$set = Read-host $ConfirmPrompt
    write-host ""

    if ($set -eq "Y") {
        Set-UMVirtualDirectory -id $value.identity -InternalURL $UMURL
    } else {
        write-host "UM Virtual Directory internal value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
    }

    Write-host "Looking at Server: " $value.server
    Write-host "Current External Value: " $value.externalURL
    Write-host "New External Value:     " $UMUrl
    [string]$set = Read-host $ConfirmPrompt
    write-host ""

    if ($set -eq "Y") {
        Set-UMVirtualDirectory -id $value.identity -ExternalURL $UMURL
    } else {
        write-host "UM Virtual Directory external value NOT changed" -foregroundcolor $NoChangeForeground -backgroundcolor $NoChangeBackground
    }
}
Stop-Transcript

 

(http://www.exchangeninjas.com/set-allvdirs)
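
A read-only check to run in the Exchange Management Shell before and after the script above, added here as an example (it is not part of the original script or of the exchangeninjas.com code). It lists every URL the script can change and flags any whose host name is not on a certificate enabled for IIS, which is the mismatch behind the Outlook 2007 certificate errors. The function names Test-HostCovered, New-AuditRow and Get-UrlAudit are made up for this example, and the property names (Services, CertificateDomains, InternalUrl, ExternalUrl) are assumed to be as exposed by Exchange 2007.

```powershell
# Added example: read-only audit of the URLs the script above can change.
# Run in the Exchange Management Shell. It makes no changes.

# $true when $HostName matches a certificate name, including a
# single-label wildcard such as *.company.com.
function Test-HostCovered {
    param([string]$HostName, [string[]]$CertNames)
    foreach ($name in $CertNames) {
        if ($name -eq $HostName) { return $true }      # -eq ignores case
        if ($name.StartsWith("*.")) {
            $suffix = $name.Substring(1)               # ".company.com"
            if ($HostName.EndsWith($suffix, [StringComparison]::OrdinalIgnoreCase)) {
                $left = $HostName.Substring(0, $HostName.Length - $suffix.Length)
                if ($left -and ($left -notmatch '\.')) { return $true }
            }
        }
    }
    return $false
}

# Builds one report row for a single URL value (which may be empty).
function New-AuditRow {
    param([string]$Source, [string]$Kind, $Url, [string[]]$CertNames)
    $row = "" | Select-Object Source, Kind, Url, Finding
    $row.Source = $Source
    $row.Kind   = $Kind
    $row.Url    = [string]$Url
    if (-not $row.Url) {
        $row.Finding = "not set"
    } else {
        $uri = [Uri]$row.Url
        if ($uri.Scheme -ne "https") {
            # Expected for OAB only if you answered Y to the script's
            # "internally generated certificate" question.
            $row.Finding = "not HTTPS"
        } elseif (-not (Test-HostCovered $uri.Host $CertNames)) {
            $row.Finding = "host not on IIS certificate"
        } else {
            $row.Finding = "ok"
        }
    }
    $row
}

# Emits one row per Autodiscover SCP and per internal/external URL.
function Get-UrlAudit {
    param([string[]]$CertNames)
    foreach ($cas in @(Get-ClientAccessServer)) {
        New-AuditRow $cas.Name "Autodiscover SCP" $cas.AutoDiscoverServiceInternalUri $CertNames
    }
    $sets = @{
        "EWS" = @(Get-WebServicesVirtualDirectory)
        "OAB" = @(Get-OABVirtualDirectory)
        "UM"  = @(Get-UMVirtualDirectory)
    }
    foreach ($kind in $sets.Keys) {
        foreach ($vdir in $sets[$kind]) {
            New-AuditRow $vdir.Server "$kind internal" $vdir.InternalUrl $CertNames
            New-AuditRow $vdir.Server "$kind external" $vdir.ExternalUrl $CertNames
        }
    }
}

# Names (subject CN and SANs) on every certificate enabled for IIS.
$certNames = @(Get-ExchangeCertificate |
    Where-Object { $_.Services.ToString() -match "IIS" } |
    ForEach-Object { $_.CertificateDomains } |
    ForEach-Object { $_.ToString() })

Get-UrlAudit $certNames | Format-Table -AutoSize
```

Any row other than "ok" after the script has run is a URL that clients will either fail to reach over TLS or reach with a name the certificate does not vouch for.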

Monday, February 22, 2010 12:50:27 PM (Central Standard Time, UTC-06:00) | Comments [0] | Exchange 2007 | SBS 2008#

I had a situation where I had a non-booting Windows XP but did not know what service pack it was to know which CD to use to repair it.

Using MiniPE and a remote registry tool, navigate to this key:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion

The sub-keys and values under this location will help determine OS and Service Pack versions.

Monday, February 22, 2010 12:44:41 PM (Central Standard Time, UTC-06:00) | Comments [0] | Windows XP#
Friday, February 12, 2010

As you probably knew, or do now since you are searching for this information, Exchange 2007 requires a UCC Multi-Domain SSL Certificate to properly function.  Here are some tips for setting it up.

-Pick your favorite vendor to purchase the UCC SSL from and make the purchase

-Generate the request from the Exchange 2007 Server.  To do this, open the Management Shell and issue the New-ExchangeCertificate command.  A great tool is provided here: https://www.digicert.com/easy-csr/exchange2007.htm.  You can use this tool to generate the request, and it will save the information to a file in the path you specify or in the default location.

   For example:  Let's say we have an Exchange 2007 Server whose Internet address is mail.rockabilly.com and whose local domain address is exch07.rockabilly.local.  I would also include remote.rockabilly.com, rockaserver.rockabilly.local, autodiscover.rockabilly.com, autodiscover.rockabilly.local in the list of requested names.  Feeding this into the tool yields the following request:

   New-ExchangeCertificate -GenerateRequest -Path c:\mail_rockabilly_com.csr -KeySize 2048 -SubjectName "c=US, s=Utah, l=YourTown, o=RockABillyDoodles, ou=IT, cn=mail.rockabilly.com" -DomainName remote.rockabilly.com, pcrserver.rockabilly.local, autodiscover.rockabilly.com, autodiscover.rockabilly.local -PrivateKeyExportable $True

   Copy and paste this request into your Exchange Server Management Shell and it will write the request to c:\mail_rockabilly_com.csr.  Open this in Notepad and copy and paste the request into the request fields at the site where you purchased the SSL cert.

-Once the request is received by the registering entity, an email will be generated to approve this request.  The email will go to the contacts on the WHOIS record for the domain.  Ensure you have access to those email accounts so you can approve the request.

-Once the request is approved and you are able to download the certificate, the next step is to install it into the Exchange 2007 server.

Friday, February 12, 2010 4:13:21 PM (Central Standard Time, UTC-06:00) | Comments [0] | Exchange 2007 | Exchange 2010#
Tuesday, February 09, 2010

It seems like this problem is related to an iTunes or Firefox update.  If you search the system drive for CoreFoundation.dll and simply rename the copy in the Adobe directory to something else (old-corefoundation.dll for example), it seems to fix the problem.

Mine was in C:\Program Files\Adobe\Photoshop Elements 6.0\

Tuesday, February 09, 2010 12:04:13 PM (Central Standard Time, UTC-06:00) | Comments [0] | Windows XP | Adobe | Adobe Elements#
Thursday, February 04, 2010

I had an issue with virtual machines not talking to each other.  I took a production SBS 2003 server and a production XP client workstation to that same domain and used Disk2VHD to create virtuals out of them so I could test a migration to SBS 2008 on a Hyper-V server. 

From research, it seems like the problem has to do with Symantec Corporate Antivirus.

I removed Symantec AV from the server and the workstation and the SRV error messages in the Event logs went away and the machines started communicating.

On the server or local machine you might get the following message in the event viewer.
"The server's configuration parameter "irpstacksize" is too small for the server to use a local device. Please increase the value of this parameter".

One fix that did not seem to fix it in my case was:

You'll have to add the following to the local PC's registry.
- Go to HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
- There, edit the IRPStackSize value to 18 Decimal or 12 Hex.
- If the value is missing, insert a new DWORD Value and name it IRPStackSize, as it is spelled here with upper and lower case.
- After this, restart the computer and log in. You should now be able to access shares across the network.

Thursday, February 04, 2010 11:17:14 AM (Central Standard Time, UTC-06:00) | Comments [0] | Windows XP | Hyper-V | Windows Server#
Tuesday, February 02, 2010

Check out this latest chat with an HP representative.  He tries to mask a hardware problem (faulty switch) by locking out the On Screen Display.  He insists this is the fix as well as claims I am incompetent.  LOL  Finally, "Ryan"'s supervisor "Shane" gets on the chat and replaces the monitor.  This is totally unacceptable and the average person would have settled for the band-aid instead of a full fix.  Sad how bad customer service has gotten.

 

Customer : The on-screen display on this monitor keeps popping up randomly - seems like the button is defective.

[An agent will be with you shortly.]

[You are now chatting with Ryan .]

Ryan : Welcome to HP Total Care for Desktop PCs. My name is Ryan.

Ryan : Hello Customer. How are you doing?

Customer : Good thanks

Customer : I am contacting on behalf of my client.

Customer : Their monitor keeps popping the on-screen display

Ryan : You are most welcome.

Ryan : Customer, may I know the monitor model number?

Customer : HP 2009m

Serial # CNC9100XXS

Product # FV583AA

Manufactured 3/2009

 

Ryan : Customer, may I have the monitor owner's email address and name?

Customer :

Customer : Actually, let me give you his wife's info -

Customer :

Ryan : Customer, we'll try some basic steps in this regard and see what happens.

Ryan : To lock the OSD, press and hold the Menu button while the monitor is off, and then press the Power button to turn the monitor on.

 

Customer : I am not in front of it right now. Do you have a list of steps I can send to her?

Ryan : To unlock the OSD, repeat the locking procedure.

 

Ryan : Yes Customer, in fact above given are the only and ultimate steps for such issue.

Ryan : This sometimes may not work on a single try.

Customer : So this is the permanent fix? To lock it?

Ryan : So you may need to try it 2 to 3 times only if it doesn't help in the first time.

Ryan : Yes, that's correct.

Ryan : Is there anything else I can help you with today?

Customer : What is the cause of the problem?

Ryan : Customer, in fact OSD (On Screen Display) is a feature given on most of the new monitors i.e. LCD monitors.

Ryan : And sometimes it gets activated by its own.

Ryan : That's what has happened here.

Customer : seems to me like a faulty switch

Ryan : So there is nothing to worry.

Customer : i've owned LCDs of all brands for 10 years and have not experienced one that pops the menu randomly

Ryan : This is a normal procedure and the steps are quite simple to sort it out.

Ryan : Alright.

Customer : my worry is that this is a hardware problem with the switch and HP should replace the monitor because of this defect.

Ryan : Customer, as I informed OSD is a feature and no way it's a hardware defect or failure.

Ryan : And in fact the troubleshooting for it is very simple.

Customer : having the OSD as a feature is not the issue

Ryan : I thought you'd be knowing about this simple thing as you are a technician for a long time.

Customer : having it pop up randomly without pressing any buttons is the issue

Ryan : However now you can remember the steps and can provide her the same.

Customer : popping up randomly is NOT NORMAL

Customer : it SHOULD NOT do that

Ryan : Please rest assured. It's no way an issue and once you try the steps and see the changes.

Customer : so the button is defective and to mask the issue HP's decision is to lock it out?

Customer : I used to think HP was quality. Guess I need to stop recommending HP products because this is not acceptable.

Ryan : Customer, do you have the monitor besides you to try these suggested steps.

Customer : again, that is not the issue, Ryan

Customer : the issue is HP is not fixing the problem, just masking it.

Ryan : Unfortunately never ever you've come across such an issue and that's the reason such a simple step is unknown to you.

Ryan : Do you want me to escalate the case to my supervisor?

Ryan : I believe you don't have any knowledge on computers at all.

Ryan : And that's the reason you are totally ignorant of computers.

Ryan : And of such a simple issue.

Customer : yes

Customer : escalate

Customer : do he speak clear english unlike you?

Ryan : Thank you.

Ryan : Yes, he writes better English than you.

Customer : i have been doing this for 15 years and have sourced all brands of computers.

Ryan : Please allow me 4-5 minutes while I escalate the case.

Customer : i have never encountered a hardware problem like this where the manufacturer wanted to mask the issue instead of fixing it.

Ryan : Still you don't have adequate knowledge on computers.

Customer : Can I have your supervisor's phone contact information as well as your employee identification information? i've got my local HP rep on the phone and they are asking these questions.

Ryan : Thank you for being online.

My supervisor will join you in 5 minutes.

Customer : please send me this information as the local HP rep is requesting it.

Ryan : My supervisor will join you in 5 minutes.

 

Ryan : And you can clarify your issues with him.

Customer : You are embarrassing the company you are representing.

Customer : I have a local representative on the phone and they are requesting your identification

Shane : Hi Customer, I am Steve supervisor of the floor.

Customer : Hi Shane

Customer : Please review the chat session.

Customer : #1 - I can't believe HP's response to this problem is to mask it

Customer : #2 - I can't believe the way your "tech" is speaking to me

Customer : I have a local representative now working on this case.

Shane : Please stay online I will check with chat session.

Customer : They are requesting your contact information so they can further investigate.

Shane : I am sorry for inconvenience

Shane : Customer, I have checked with issue. It shows that problem is with menu button of the monitor.

Customer : Correct. So shouldn't this be replaced/repaired under warranty and not just masked by locking it out?

Customer : My problem is that if this goes out of warranty and the other buttons start failing, what is the client to do?

Customer : This is a problem with the button and it should be repaired/replaced instead of masked.

Shane : Customer, If understand you are technician representing on behalf of your client, is that right?

Customer : correct.

Shane : Customer, If you are interested we can create service order which is free of cost because your pc is under warranty.

Customer : Don't you agree that this is the best thing to do in the interest of the client?

Customer : Please create the order and let me know the next steps.

Shane : Yes, Please go ahead we are ready to do that.

Shane : For that please provide me shipping address and email address including the phone number of the customer.

Customer : hang on while i get that info for you...

Shane : Take your time I will be with you.

Customer : What is the process? Will a new monitor be sent and then the old one be returned?

Shane : I will let you know this, Please stay online.

Shane : Thank you for staying online.

Shane : For this service order we have called collateral policy:

Shane : We would be happy to process the request for a replacement part. However, the monitor drive is a collateral part. This implies that the replacement of monitor drive entails returning the faulty one. If the faulty monitor drive is returned within 15 calendar days of shipment, the replacement would be free of cost under warranty conditions. If however, the faulty monitor drive is not returned within the stipulated time, applicable charges would be levied. We would therefore need your credit card details. We do not seek credit card information through email as a policy. Please DO NOT provide any credit card information via email. Such sensitive information is sought only through phone. Please provide us with the convenient date (2 dates) and time so that we can contact you for the credit card information. Additionally, provide us with the shipping details to which we can send the part to.

 

=== HP warranty conditions for collateral parts ===

 

* All returned spare parts must be in "as new condition", and returned in the original packaging.

 

* In cases where HP did not receive the defective part within 30 calendar days of shipment of the exchange part from you then you will be charged for the exchange part. Return instructions and pre-paid shipping label are included. No charges are assessed if the unit is returned within the required time.

 

=== Additional information needed ===

 

Please provide the following information about when we can contact you:

 

* Dates and Days (2 days):

* Time to call:

* Telephone Number to call:

 

Shipping Information:

 

* Name:

* Organization:

* Mailing Address (No P.O. Boxes):

* Apartment/Building/Mailstop:

* City:

* State:

* Zip/Postal Code:

* Phone Number (including area code):

Shane : Please check with above policy and let me know is okay with you for that or not.

Customer : that looks fine.

Customer : please call  at the number listed to obtain credit card information.

Customer : anytime during the day is fine

Customer : the sooner the better

Shane : Thank you I will do it.

Shane : You will receive call regarding this in 24 hours.

Customer : thank you

Shane : Is there anything else I can help you with?

Customer : i still need yours and Ryan's contact and/or employee identification information - my local HP representative is requesting that information.

Shane : Customer, sorry for that we cannot share our personal and official data with customers.

Customer : The representative says there is an identification number you can give me to relay to him.

Customer : He wants to investigate this issue.

Customer : Ryan's conduct was unacceptable and he wants to pursue the issue.

Shane : Okay the chat reference id is 1062581

Customer : Thank you. He will be in contact regarding Ryan's unacceptable customer service.

Shane : Please also provide me your client's email address.

Customer : it's in the chat session above

Shane : Thank you for the information.

Tuesday, February 02, 2010 2:18:59 PM (Central Standard Time, UTC-06:00) | Comments [0] | #