Wednesday, January 27, 2010
Thursday, January 21, 2010
how to kill sessions in exchange 2003
There’re several reasons why you would want to use ExMon in your environment, like mentioned above you can view, evaluate and gather real-time data about your users, which can be quite handy as it will help you as an Exchange Administrator better understand current client usage patterns and plan ahead by being proactive and perform the proper upgrades for the future.
Although ExMon is capable of showing you quite a comprehensive set of information about your users, you should bear in mind the tool at the time of this writing only is capable of showing MAPI traffic and load, not other protocols such as OWA, POP3 and IMAP.
As you can see in Figure 6 above there are 3 different views to choose between:
http://forums.msexchange.org/ultimatebb.cgi?ubb=get_topic;f=15;t=004838
Relevant Reading
Microsoft Exchange User Monitor (ExMon) tool Documentation (a must read which can be found in the ExMon installation folder)
You Had Me At EHLO...: Introducing the Microsoft Exchange User Monitor (Exmon) tool:
http://blogs.technet.com/exchange/archive/2005/04/06/403409.aspx
Download details: Microsoft Exchange Server User Monitor:
http://www.microsoft.com/downloads/details.aspx?FamilyID=9a49c22e-e0c7-4b7c-acef-729d48af7bc9&DisplayLang=en
http://www.msexchange.org/tutorials/Microsoft-Exchange-Server-User-Monitor.html
Although ExMon is capable of showing you quite a comprehensive set of information about your users, you should bear in mind the tool at the time of this writing only is capable of showing MAPI traffic and load, not other protocols such as OWA, POP3 and IMAP.
ExMon is capable of showing information such as IP addresses used by clients, Outlook versions and mode (cached mode or classic online mode) , Outlook client-side monitoring data and resource use (CPU usage, Server-side processor latency, total latency for network and processing with Outlook 2003 MAPI clients and network bytes.
Installing Microsoft Exchange Server User Monitor
Start by grabbing a copy of ExMon here.Note:
ExMon is supported on Exchange 2000 Server SP2 and higher, or Exchange Server 2003 SP1.
Now navigate to C:\Program Files\ExMon and execute ExMon.msi. The ExMon Installation wizard will fire up (see Figure 1) and you can simply click Next.
Read and accept the agreement and click Next as shown in Figure 2
Figure 1: Executing the ExMon Installation Wizard
Now select the Installation folder (default should be just fine) then click Next as in Figure 3.
Figure 2: Reading and accepting the End User Agreement
Let the installation process complete and click Finish.
Figure 3: Specifying the Installation Directory
Before we can move on and begin playing with the ExMon tool we need to do one more thing, and that is to add two registry keys - RpcEtwTracing and UsePerformanceClock to the registry (see Figure 5). Luckily you don’t have to do this manually as the ExMon installation throws an ExMon.reg file into the installation directory, which you can simply double-click on or run through a command prompt window. It’s mandatory to add these keys in order for ExMon to collect data, and my guess is they will be added automatically as part of the installation wizard in a later ExMon build.
Figure 4: Finishing the Installation Wizard
Figure 5: ExMon registry keys
Using ExMon
Now that we got ExMon properly installed let’s fire up the tool by executing the ExMon.exe file from the installation directory (C:\Program Files\ExMon). This will bring us the screen you see in Figure 6 below. As you can see we, when the first update occurs, gets a list of currently connected MAPI clients listed by resource usage.As shown in Figure 6 above ExMon by default collects data in one-minute intervals, however this can easily be adjusted by clicking the up and down buttons to the right of Update Interval (min) in the ExMon toolbar. The update interval can be anything between 1 and 30 minutes, if you want it do be more than 30 minutes you should use another data collection method. You can stop or start traces by using the play and stop buttons in the toolbar or alternatively click File > Stop or Start. You can save statistics by clicking the floppy disk icon in the toolbar or File > Save Statistics in the menu.
Figure 6: Tracing MAPI clients in ExMon
As you can see in Figure 6 above there are 3 different views to choose between:
Table 1: ExMon View types Note:
View type
Description
By User
Aggregates data about individual user’s consumption of server resources
By Version
Aggregates data about the client MAPI version
By Clientmon
Aggregates data which can help Exchange administrators quantify individual user’s experience with Outlook 2003 (previous Outlook versions is not supported with Clientmon).
Although this article demonstrates how you collect data directly with ExMon (which is the simplest method for short-term data collection) you can as well configure ExMon to collect data with the System Monitor or by using command-line tools. For more details on how this is accomplished see the ExMon documentation located in the ExMon installation directory.
The data collected by ExMon is by default saved in Event Trace Log (.ETL) files in the installation directory (C:\Program Files\ExMon), as can be seen in Figure 7 below.
Figure 7: ExMon Data Collection to Event Trace Log (.ETL) Files
Exporting Data with ExMon
All the data collected by ExMon can be exported to a comma-separated text file (.CSV) which again can be manipulated with a program such as Excel, Access or even SQL Server. This is done by running ExMon in a Command Prompt window with either -SU, -SV or -SC. For example the below command exports the By User data to a .CSV file in a directory named Data under the ExMon installation directory:ExMon.exe –SU “C:\Program Files\ExMon\data\ByUser.csv”For further details on exporting ExMon data, again see the ExMon documentation.
The dreaded Unknown StartTrace Error (183) Message
Before you start using the ExMon tool I thought I would tell you about an issue you should be aware of. There have been several cases where different Exchange administrators, when executing ExMon.exe, got an Error 183 message (shown in Figure 8), and actually I also had the pleasure of dealing with it on one of the Exchange 2003 SP1 servers, I’ve been using the tool on (after testing it out in my test lab of course).The Error 183 message can happen if ExMon crashes or is killed while collecting data, the reason being the Exchange trace continues. Personally I got a bit scared when I saw the trace just continued, but fortunately I later found out it had a limit of 512 MB where the trace will stop collecting automatically. The reason for the 183 error message is quite simple, it’s because when you try to execute ExMon (after a crash or after the process somehow got killed) it will start a new trace, while the old one is still tracing (ExMon only supports one trace at a time).
Figure 8: Unknown StartTrace Error (183)
Alright I don’t want to use this tool unless I know how to fix this problem without rebooting my Exchange production server, I hear you grumble.I fully understand! I personally had big problems finding out how to stop the Exchange trace, until I was informed of a comment (thanks to Exchange MVP Michael B. Smith) to the ExMon blogpost at You Had Me at EHLO (aka Exchange team blog), where Chris Mitchell (Software Design Engineer from the Microsoft Exchange Performance Engineering Team) did a great comment informing how you can stop a trace using Tracelog.exe which can be found in the Microsoft Driver Development Kit (DDK) for Windows 2000 Server or the Windows Server 2000 Resource Kit. You simply open a command prompt window and execute the following command:
Tracelog -stop “Exchange Event Trace”Also see Figure 9 below.
Figure 9: Stopping an ExMon trace using Tracelog.exe
Note:I hoped you found the article useful if you have any questions, comments or other feedbacks please post them to the below thread on the MSExchange.org Message boards:
Make sure the ExMon.exe process isn’t running while stopping the trace.
http://forums.msexchange.org/ultimatebb.cgi?ubb=get_topic;f=15;t=004838
Relevant Reading
Microsoft Exchange User Monitor (ExMon) tool Documentation (a must read which can be found in the ExMon installation folder)
You Had Me At EHLO...: Introducing the Microsoft Exchange User Monitor (Exmon) tool:
http://blogs.technet.com/exchange/archive/2005/04/06/403409.aspx
Download details: Microsoft Exchange Server User Monitor:
http://www.microsoft.com/downloads/details.aspx?FamilyID=9a49c22e-e0c7-4b7c-acef-729d48af7bc9&DisplayLang=en
http://www.msexchange.org/tutorials/Microsoft-Exchange-Server-User-Monitor.html
How to manually remove juniper Network Connect
| Knowledge Base ID: | KB9081 |
| Version: | 8.0 |
| Published: | 08 Oct 2008 |
| Updated: | 08 Oct 2008 |
| Categories: |  SSL VPN SSL_VPN_(IVE_OS) |
At times, due to a bad or failed installation, it may be necessary to completely remove Network Connect from the client machine.
Problem or Goal: If there are installation problems or upgrade issues you can completely remove all the files and folder associated with Network Connect before attempting to reinstall the client.
Solution: For each operating system, the files and folders that need to removed will be different. Once these are removed you can restart the Network Connect client installation.
If a folder or file listed below does not exist, move onto the next step.
For Linux:
If a folder or file listed below does not exist, move onto the next step.For Linux:
- Ensure the Network Connect Service is not running
- Delete the folder
/.juniper_networks/network_connect - Delete the following file:
/.juniper_networks/ncLinuxApp.jar - For 5.2 delete the following folders:
/usr/sbin/ncui/usr/sbin/ncsvc/usr/sbin/ncdiag
- For 5.3 and newer, delete the following folder:
/usr/local/nc
- Delete the folder
/usr//lib/logs/juniper networks - Delete the file Network Connect.app from the
/appsfolder - Empty the Trash
- Remove Juniper Networks Network Connect from Add/Remove Programs, if it exists
- Delete the following folders:
C:\Program Files\Juniper Networks\Common FilesC:\Program Files\Juniper Networks\Network Connect 5.x.xC:\Documents and Settings\\Application Data\Juniper Networks\Network Connect 5.x.x http://kb.juniper.net/KB9081
ntldr is missing press ctrl+alt+del to restart windows xp
- insert the Windows XP bootable CD into the computer.
- When prompted to press any key to boot from the CD, press any key.
- Once in the Windows XP setup menu press the "R" key to repair Windows.
- Log into your Windows installation by pressing the "1" key and pressing enter.
- You will then be prompted for your administrator password, enter that password.
- Copy the below two files to the root directory of the primary hard disk. In the below example we are copying these files from the CD-ROM drive letter, which in this case is "e." This letter may be different on your computer.
copy e:\i386\ntldr c:\
copy e:\i386\ntdetect.com c:\
- Once both of these files have been successfully copied, remove the CD from the computer and reboot.
Wednesday, January 20, 2010
not-able-to-open-drives-on-hard-disk-by-double-click
Trouble:
Sometimes it happens in windows XP that you are not able to open drives on your hard disk. When you double clicking on the drives icons or right click on the drive>>explore in My computer ,the drive does not open.
This problem is generally caused by most of the viruses which infect windows XP system. They block or restrict your access to any of the drives.
But don’t worry this is not a big trouble it can be fixed easily.
Fix:
Normally when a virus infects a windows system which causes a drive opening problem, it automatically creates a file named autorun.inf in the root directory of each drive.
This autorun.inf file is a read only ,hidden and a system file and the folder option is also disabled by the virus. This is deliberately done by the virus in order to protect itself. autorun.inf initiates all the activities that the virus performs when you try to open any drive.
You have to just delete this file and restart your system to correct this problem.
Follow the set of commands below to show and delete the autorun.inf
1. Open Start>>Run and type cmd and press enter. This will open a command prompt window. On this command prompt window type the following steps.
. type cd\ 3. type attrib -r -h -s autorun.inf
4. type del autorun.inf
5. now type d: and press enter for d: drive partition. Now repeat steps 3 and 4. Similarly repeat step 5 for all your hard disk partition.
Restart your system and your trouble will be fixed.
Sometimes it happens in windows XP that you are not able to open drives on your hard disk. When you double clicking on the drives icons or right click on the drive>>explore in My computer ,the drive does not open.
This problem is generally caused by most of the viruses which infect windows XP system. They block or restrict your access to any of the drives.
But don’t worry this is not a big trouble it can be fixed easily.
Fix:
Normally when a virus infects a windows system which causes a drive opening problem, it automatically creates a file named autorun.inf in the root directory of each drive.
This autorun.inf file is a read only ,hidden and a system file and the folder option is also disabled by the virus. This is deliberately done by the virus in order to protect itself. autorun.inf initiates all the activities that the virus performs when you try to open any drive.
You have to just delete this file and restart your system to correct this problem.
Follow the set of commands below to show and delete the autorun.inf
1. Open Start>>Run and type cmd and press enter. This will open a command prompt window. On this command prompt window type the following steps.
. type cd\ 3. type attrib -r -h -s autorun.inf
4. type del autorun.inf
5. now type d: and press enter for d: drive partition. Now repeat steps 3 and 4. Similarly repeat step 5 for all your hard disk partition.
Restart your system and your trouble will be fixed.
Monday, January 18, 2010
Data Execution Prevention Internet Explorer 8
This article explains how to fix the Data Execution Prevention error that occurs on Internet Explorer 8 and Windows in general. There are many fixes available, most websites only show you one. This website covers all Data Execution Prevention errror fixes.
DEP Error Example
Dep Error In ie8
Fix 1
Step 1 - Go to "Start" and click on "Run". Type the command "inetcpl.cpl" and press Return or click on the "Ok" button.
Step 2 - Navigate to the "Advanced" tab. Inside this tab, scroll down until you find the option "Enable memory protection to help mitigate online attacks*". Untick this option, click "Ok" and restart your internet explorer browser.
Im on Vista or Windows 7 - It wont let me untick this box?
If you have User Account Control turned on this box will be greyed out by default when you enter this window. To get around this, either turn off User Account Control or try the following....
Step 1 - Click on the vista start button. In the search box type "inetcpl.cpl" when the icon appears, right click on it and click "Run as Administrator".
Step 2 - You can now follow the steps explained above to turn off this setting.
Data Execution Prevention Fix 1
Alternative
Fix 2
Step 1 - Go to "Start" then "Run" type "regedit" hit return or press "Ok". This will take you to the registy editor.
Step 2 - Follow the link below to find the key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Step 3 - The key you are looking for is called "DEPOff". Double click this key to modify it, give it the value of "1" (without the quotation marks). Restart your browser and try again.
Data Execution Prevention Fix 2
Other Alternative
Still Doesnt Work?! Fix 3
If these settings still didnt work, then you are using Windows Vista or Windows 7 with User Account Control Turned on!
You can try one more thing, but if it doesnt work, you will need to turn User Account Control off! I will explain how to do that after this, but try this first.
Step 1 - Click "Start" then "Run" > type "sysdm.cpl" and press return, or click "Ok". You will be faced with the system control panel.
Step 2 - Click on the "Advanced" tab. Then click on the "Settings" button for performance.
Step 3 - Click on the "Data Execution Prevention" tab.
Step 4 - Click on the "Add" Button. Browse to your internet explorer .exe file. This is normally found at "c:\program files\internet explorer\iexplore.exe".
Step 5 - Highlight it and click "Ok"
Step 6 - Tick the radio button "Turn on DEP for all programs and services except those I select"
Step 7 - Tick the box next to Internet Explorer.
Step 8 - Restart your Internet Explorer browser. Try again.
See screenshot for more help.
Data Execution Prevention Fix 3
If All Else Fails
Fix 4
This part of the article explains how to turn DEP off even in Windows 7.
This command will turn of DEP in your boot.ini which can be found in the root of c:\
1.Click on Start > Run
2.Type the command "cmd" and hit the return key.
3.Type the following command...
bcdedit.exe /set {current} nx AlwaysOff
This command will ensure that DEP is turned off across the entire computer, try the other work around's first before trying this one. This should fix the problem guaranteed.
You MUST restart your computer once this has been done for changes to take effect.
No Other Options
If all else fails you will need to turn off User Account Control for Vista and Windows 7. And apply fixes shown above.
To do this.
Click on "Start" go to your user settings by clicking on your User image on the start menu. If you have classic view you will need to navigate through Control Panel.
Under computer settings you will see "Turn User Account Control On or Off". Select this option, untick the UAC box or drag the pointer down (Windows 7) and re-start PC.
DEP Error Example
Dep Error In ie8
Fix 1
Step 1 - Go to "Start" and click on "Run". Type the command "inetcpl.cpl" and press Return or click on the "Ok" button.
Step 2 - Navigate to the "Advanced" tab. Inside this tab, scroll down until you find the option "Enable memory protection to help mitigate online attacks*". Untick this option, click "Ok" and restart your internet explorer browser.
Im on Vista or Windows 7 - It wont let me untick this box?
If you have User Account Control turned on this box will be greyed out by default when you enter this window. To get around this, either turn off User Account Control or try the following....
Step 1 - Click on the vista start button. In the search box type "inetcpl.cpl" when the icon appears, right click on it and click "Run as Administrator".
Step 2 - You can now follow the steps explained above to turn off this setting.
Data Execution Prevention Fix 1
Alternative
Fix 2
Step 1 - Go to "Start" then "Run" type "regedit" hit return or press "Ok". This will take you to the registy editor.
Step 2 - Follow the link below to find the key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Step 3 - The key you are looking for is called "DEPOff". Double click this key to modify it, give it the value of "1" (without the quotation marks). Restart your browser and try again.
Data Execution Prevention Fix 2
Other Alternative
Still Doesnt Work?! Fix 3
If these settings still didnt work, then you are using Windows Vista or Windows 7 with User Account Control Turned on!
You can try one more thing, but if it doesnt work, you will need to turn User Account Control off! I will explain how to do that after this, but try this first.
Step 1 - Click "Start" then "Run" > type "sysdm.cpl" and press return, or click "Ok". You will be faced with the system control panel.
Step 2 - Click on the "Advanced" tab. Then click on the "Settings" button for performance.
Step 3 - Click on the "Data Execution Prevention" tab.
Step 4 - Click on the "Add" Button. Browse to your internet explorer .exe file. This is normally found at "c:\program files\internet explorer\iexplore.exe".
Step 5 - Highlight it and click "Ok"
Step 6 - Tick the radio button "Turn on DEP for all programs and services except those I select"
Step 7 - Tick the box next to Internet Explorer.
Step 8 - Restart your Internet Explorer browser. Try again.
See screenshot for more help.
Data Execution Prevention Fix 3
If All Else Fails
Fix 4
This part of the article explains how to turn DEP off even in Windows 7.
This command will turn of DEP in your boot.ini which can be found in the root of c:\
1.Click on Start > Run
2.Type the command "cmd" and hit the return key.
3.Type the following command...
bcdedit.exe /set {current} nx AlwaysOff
This command will ensure that DEP is turned off across the entire computer, try the other work around's first before trying this one. This should fix the problem guaranteed.
You MUST restart your computer once this has been done for changes to take effect.
No Other Options
If all else fails you will need to turn off User Account Control for Vista and Windows 7. And apply fixes shown above.
To do this.
Click on "Start" go to your user settings by clicking on your User image on the start menu. If you have classic view you will need to navigate through Control Panel.
Under computer settings you will see "Turn User Account Control On or Off". Select this option, untick the UAC box or drag the pointer down (Windows 7) and re-start PC.
Wednesday, January 13, 2010
Modify Default Security Policies IN WINDOWS SERVER 2008
Applies To: Windows Server 2008, Windows Server 2008 R2
To increase security, domain controllers that run Windows Server 2008 and Windows Server 2008 R2 require (by default) that all client computers attempting to authenticate to them perform Server Message Block (SMB) packet signing and secure channel signing. If your production environment includes client computers that run platforms that do not support SMB packet signing (for example, Microsoft Windows NT® 4.0 with Service Pack 2 (SP2)) or if it includes client computers that run platforms that do not support secure channel signing (for example, Windows NT 4.0 with Service Pack 3 (SP3)), you might have to modify default security policies to ensure that client computers running older versions of the Windows operating system or non-Microsoft operating systems will be able to access domain resources in the upgraded domain.
 Note |
|---|
| By modifying the settings of the default security policies, you are weakening the default security policies in your environment. Therefore, we recommend that you upgrade your Windows–based client computers as soon as possible. After all client computers in your environment are running versions of Windows that support SMB packet signing and secure channel signing, you can re-enable default security policies to increase security. |
- Microsoft network server: Digitally sign communications (always)
- Domain member: Digitally encrypt or sign secure channel data (always)
Membership in Domain Admins or Enterprise Admins, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at http://go.microsoft.com/fwlink/?LinkId=83477.
To disable SMB packet signing enforcement based domain controllers
- To open GPMC, click Start, click Run, type gpmc.msc, and then click OK.
- In the console tree, right-click Default Domain Controllers Policy in Domains\Current Domain Name\Group Policy objects\Default Domain Controllers Policy, and then click Edit.
- In the Group Policy Management Editor window, in the console tree, go to Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/Security Options.
- In the details pane, double-click Microsoft network server: Digitally sign communications (always).
- Verify that the Define this policy setting check box is selected, click Disabled to prevent SMB packet signing from being required, and then click OK.
To apply the Group Policy change immediately, either restart the domain controller or open a command prompt, type the following command, and then press ENTER:
Tuesday, January 12, 2010
unlock problem in lenovo t 400
once after locking the system , it is very difficult to unlock the system. the only way is to restart the laptop.
resolution: uninstall fingerprint software and download and reinstall the latest one from lenovo site.
resolution: uninstall fingerprint software and download and reinstall the latest one from lenovo site.
Monday, January 11, 2010
Siebel High Interactivity Framework
First time I installed Siebel 8.0 on my new laptop and tried opening Sample Dedicated client but system prompt a message saying that :
"Your version of the Siebel High Interactivity Framework for IE, required for use of this Siebel application, may not be current. In order to download a current version of the Siebel High Interactivity Framework, please ensure that your browser security settings are correct and then log in to the application again. Consult your system administrator for details about the Siebel High Interactivity Framework and correct browser settings"
Now, this seems very easy as it was just asking for download it and everybody know when you open Siebel client for the first time, it automatically get downloaded on to the machine.
But, now let me tell what was the issue I was facing and how I got rid of it. When this message was appearing in, a bar was appearing under the Address bar in the Internet Explorer (to install the ActiveX Control) which requires a click so that it can install the Siebel High Interactivity framework (SHIF), but I was not able to click on that because at that moment the popup message was on screen with the "Ok" button. Once I click on "Ok" Siebel client gets closed since SHIF was not there. Again tried opening Siebel client, again the same message with Ok Button and the bar was appearing at the top of the screen where I can't click. Clicked on "OK", Siebel client got closed...... frustration!!!!
I thought it was due to some pop-up blocker or something, so I tried to change the browser settings but didn't get rid of it. Finally got one trick by which it got resolved. Here it is :
While opening Siebel Client, keep pressing "Ctrl" button on the keyboard and observe the difference. This time I didn't get the prompt message and automatically it prompt with the message of installing the SHIF and I clicked on Install and everything worked fine after that..... no issues.
"Your version of the Siebel High Interactivity Framework for IE, required for use of this Siebel application, may not be current. In order to download a current version of the Siebel High Interactivity Framework, please ensure that your browser security settings are correct and then log in to the application again. Consult your system administrator for details about the Siebel High Interactivity Framework and correct browser settings"
Now, this seems very easy as it was just asking for download it and everybody know when you open Siebel client for the first time, it automatically get downloaded on to the machine.
But, now let me tell what was the issue I was facing and how I got rid of it. When this message was appearing in, a bar was appearing under the Address bar in the Internet Explorer (to install the ActiveX Control) which requires a click so that it can install the Siebel High Interactivity framework (SHIF), but I was not able to click on that because at that moment the popup message was on screen with the "Ok" button. Once I click on "Ok" Siebel client gets closed since SHIF was not there. Again tried opening Siebel client, again the same message with Ok Button and the bar was appearing at the top of the screen where I can't click. Clicked on "OK", Siebel client got closed...... frustration!!!!
I thought it was due to some pop-up blocker or something, so I tried to change the browser settings but didn't get rid of it. Finally got one trick by which it got resolved. Here it is :
While opening Siebel Client, keep pressing "Ctrl" button on the keyboard and observe the difference. This time I didn't get the prompt message and automatically it prompt with the message of installing the SHIF and I clicked on Install and everything worked fine after that..... no issues.
Friday, January 8, 2010
Outlook "Disconnected"
Is your Outlook showing "Disconnected" in the bottom right corner and you're connecting to an Exchange Server (not POP, etc.)?
All the following information is to be used at your own risk – I have successfully used all the below methods in production environments, and without issue. I cannot, however, speak for your environment. Please be sure to consult with your local IT support before acting on any of this advice.
Quick troubleshooting check list (detailed explanations follow):
1. Is the issue affecting multiple users or only one?
If multiple staff are affected, this blog can't help you [yet].
2. Can you ‘ping’ the Exchange server from the PC with the issue?
3. Check network cable / confirm access to other network resources is without issue
4. Try restart the PC
5. Is Outlook in 'Work Offline' mode?
6. Try setting Outlook to 'Work Offline' mode and then taking it out of 'Work Offline' mode again
7. Clear the PC's Local Security Log / Logs and then restart the PC
8. Try an Active Directory (LAN) account password reset / unlock / status check.
Make sure it hasn't expired / been suspended too.
9. Create a new Outlook profile via the 'mail' Control Panel and set it to the default
10. Try a 'Detect and Repair' from Outlook's Help menu or Repair Office via Add / Remove Programs Control Panel
11. Try disabling 'Cached Exchange Mode' (last resort and should only be used as a workaround until proper resolution is found)
12. Call Microsoft support in your country
All the following information is to be used at your own risk – I have successfully used all the below methods in production environments, and without issue. I cannot, however, speak for your environment. Please be sure to consult with your local IT support before acting on any of this advice.
Quick troubleshooting check list (detailed explanations follow):
1. Is the issue affecting multiple users or only one?
If multiple staff are affected, this blog can't help you [yet].
2. Can you ‘ping’ the Exchange server from the PC with the issue?
3. Check network cable / confirm access to other network resources is without issue
4. Try restart the PC
5. Is Outlook in 'Work Offline' mode?
6. Try setting Outlook to 'Work Offline' mode and then taking it out of 'Work Offline' mode again
7. Clear the PC's Local Security Log / Logs and then restart the PC
8. Try an Active Directory (LAN) account password reset / unlock / status check.
Make sure it hasn't expired / been suspended too.
9. Create a new Outlook profile via the 'mail' Control Panel and set it to the default
10. Try a 'Detect and Repair' from Outlook's Help menu or Repair Office via Add / Remove Programs Control Panel
11. Try disabling 'Cached Exchange Mode' (last resort and should only be used as a workaround until proper resolution is found)
12. Call Microsoft support in your country
Monday, January 4, 2010
after removing internet security 2010 system logs off automatically
Run regedit from other machine on the same network as the problem PC.
click File > Connect to Another PC
need to be domain administrator while connecting registry of the fault pc to your pc( login as domain administrator)
Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
In the right pane, you should see
C:\WINDOWS\System32\wsaupdater.exe,
Change it so that it reads:
C:\WINDOWS\System32\userinit.exe
click File > Connect to Another PC
need to be domain administrator while connecting registry of the fault pc to your pc( login as domain administrator)
Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
In the right pane, you should see
C:\WINDOWS\System32\wsaupdater.exe,
Change it so that it reads:
C:\WINDOWS\System32\userinit.exe
How to Remove Internet Security 2010
How to Remove Internet Security 2010
Updated Jan 2, 2010
Internet Security 2010 screenshot The new badware Internet Security 2010 has a few new tricks up its sleeve. It does the usual stuff—phony scans, Internet Security 2010 pop-up alerts—but the people behind this program are more creative than most badware clowns.
For one thing, when you start certain programs, it says, “Application cannot be executed. The file is infected. Please activate your antivirus software.” And when you run certain file formats, you’ll get this alert:
Windows can`t play the folowing media formats: AVI;WMV;AVS;FLV;MKV;MOV;3GP;MP4;MPG;MPEG;MP3;AAC;WAV;WMA;CDA;FLAC;M4A;MID. Update your video and sound codec to resolve this issue.
It also interrupts your startup process, hijacks your browser, and wreaks all-around havoc on your system. Luckily, it’s easy to remove. Read on, and I’ll show you how to uninstall Internet Security 2010 for free.
GET RID of Internet Security 2010
* Manually remove Internet Security 2010 with step-by-step instructions
* Download Spyware Doctor to automatically remove Internet Security 2010
* You can download award-winning, anti-badware software SpywareDoctor to easily remove Internet Security 2010. Want to know why I dig SpywareDoctor? Read my review.
Do You Have Internet Security 2010?
When you’re infected with badware — whether it’s Internet Security 2010, spyware, adware, a Trojan, or a virus — there are a few key symptoms. Have you noticed…
* Slow computer performance: It just takes one parasite like Internet Security 2010 to slow your computer dramatically. If your PC takes longer than usual to reboot, or if your Internet connection is unusually slow, you may be infected with Internet Security 2010.
* New desktop shortcuts or switched homepage: Badware like Internet Security 2010 may change your Internet settings to redirect your homepage to another site. Badware can even add desktop shortcuts to your PC.
* Annoying popups: Badware can bombard your computer with popup ads, even when you’re not online. Through these popups, you may be tricked into downloading more spyware.
How to Remove Internet Security 2010 Manually
Internet Security 2010 warning Before we get started, you should backup your system and your registry, so it’ll be easy to restore your computer if anything goes wrong.
To remove Internet Security 2010 manually, you need to delete Internet Security 2010 files. Not sure how to delete Internet Security 2010 files? Click here, and I’ll show you. Otherwise, go ahead and…
Stop Internet Security 2010 processes:
IS2010.exe
41.exe
winlogon86.exe
winupdate86.exe
Remove Internet Security 2010 registry values:
HKEY_CURRENT_USER\Software\IS2010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Internet Security 2010″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “winupdate86.exe”
Remove Internet Security 2010 DLLs:
c:\WINDOWS\system32\winhelper86.dll
Delete Internet Security 2010 files:
c:\Program Files\InternetSecurity2010\IS2010.exe
c:\WINDOWS\system32\41.exe
c:\WINDOWS\system32\winlogon86.exe
c:\WINDOWS\system32\winupdate86.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
%UserProfile%\Desktop\Internet Security 2010.lnk
%UserProfile%\Start Menu\Internet Security 2010.lnk
Get rid of Internet Security 2010 folders:
c:\s
c:\Program Files\InternetSecurity2010
Note: In any Internet Security 2010 files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”). If you have any questions about manual Internet Security 2010 removal, go ahead and leave a comment.
How Do You Remove Internet Security 2010 Files?
Need help figuring out how to delete Internet Security 2010 files? While there’s some risk involved, and you should only manually remove Internet Security 2010 files if you’re comfortable editing your system, you’ll find it’s fairly easy to delete Internet Security 2010 files in Windows.
How to delete Internet Security 2010 files in Windows XP and Vista:
1. Click your Windows Start menu, and then click “Search.”
2. A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
3. Type a Internet Security 2010 file in the search box, and select “Local Hard Drives.”
4. Click “Search.” Once the file is found, delete it.
How to stop Internet Security 2010 processes:
1. Click the Start menu, select Run.
2. Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys CTRL + Shift + ESC.
3. Click Processes tab, and find Internet Security 2010 processes.
4. Once you’ve found the Internet Security 2010 processes, right-click them and select “End Process” to kill Internet Security 2010.
How to remove Internet Security 2010 registry keys:
Internet Security 2010 warning Because your registry is such a key piece of your Windows system, you should always backup your registry before you edit it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or a delete a critical registry key or value, there’s a chance you may need to reinstall your entire system. Make sure your backup your registry before editing it.
1. Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
2. Registry Editor will open as a window with two panes. The left side Registry Editor’s window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
3. To find a registry key, such as any Internet Security 2010 registry keys, select “Edit,” then select “Find,” and in the search bar type any of Internet Security 2010’s registry keys.
4. As soon as Internet Security 2010 registry key appears, you can delete the Internet Security 2010 registry key by right-clicking it and selecting “Modify,” then clicking “Delete.”
How to delete Internet Security 2010 DLL files:
1. First locate Internet Security 2010 DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
2. To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Internet Security 2010 DLL file is located. If you’re not sure if the Internet Security 2010 DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
3. When you’ve located the Internet Security 2010 DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.
That’s it. If you want to restore any Internet Security 2010 DLL file you removed, type “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.
Did Internet Security 2010 change your homepage?
1. Click Windows Start menu > Control Panel > Internet Options.
2. Under Home Page, select the General > Use Default.
3. Type in the URL you want as your home page (e.g., “http://www.homepage.com”).
4. Select Apply > OK.
5. You’ll want to open a fresh web page and make sure that your new default home page pops up.
Internet Security 2010 Removal Tip
Is your computer acting funny after deleting any Internet Security 2010 files? I recommend using a program like File Recover from PC Tools. File Recover saves deleted files that otherwise can’t be recovered by Windows operating sytem.
Want to save time finding Internet Security 2010 files? Download Spyware Doctor, let it find the Internet Security 2010 files for you, and then manually delete Internet Security 2010 files.
How Did You Get Internet Security 2010?
Wondering how Internet Security 2010 ended up on your PC? If you’re infected with Internet Security 2010 or other badware, perhaps you were using…
* Freeware or shareware: Did you download and install shareware or freeware? These low-cost or free software applications may come bundled with spyware, adware, or programs like Internet Security 2010. Sometimes adware is attached to the free software to “pay” developers for the cost of creating the software, and more often spyware is secretly attached to free software to harm your computer and steal your personal and financial information.
* Peer-to-peer software: Do you use a peer-to-peer (P2P) program or other application with a shared network? When you use these applications, you put your system at risk for unknowingly downloading an infected file, including applications like Internet Security 2010.
* Questionable websites: Did you visit a website that’s of questionable nature? When you visit malicious sites that are fishy and phishy, badware may be automatically downloaded and installed onto your computer, sometimes including applications like Internet Security 2010. I recommend you use Firefox web browser, if you don’t already.
Understanding Internet Security 2010
If you’re infected with Internet Security 2010, you should know what you’re fighting. I’ll explain some definitions related to Internet Security 2010.
Internet Security 2010 May Be Rogue Anti-Spyware
Rogue anti-spyware refers to anti-spyware/antivirus software of questionable value. Rogue anti-spyware may not be proven to protect your computer from spyware, may popup fake alerts or create many false positives about your PC being infected, or may use scare tactics to try to get you to purchase the application. Rogue anti-spyware software may be installed by a Trojan, come bundled with other software, or install itself through web browser security holes. While it is fairly rare, some rogue anti-spyware is created and distributed by known spyware or adware companies, and the rogue anti-spyware may install spyware or adware itself.
Often when you’re infected with rogue anti-spyware like Internet Security 2010, you’ll see a false popup security alert like this:
Internet Security 2010 popup
Rogue Anti-Spyware Tactics
Typically, rogue anti-spyware such as Internet Security 2010 has one or more of the qualities listed below, which is why rogue anti-spyware is considered anti-spyware software of questionable value.
* False positives/fake alerts: Rogue anti-spyware may produce a large number of false positives or use fake alerts, noting that your computer is infected with spyware parasites or other threats that do not really exist.
* Copycat looks: Rogue anti-spyware may copy the look and feel of other legitimate or rogue anti-spyware applications. Often, rogue anti-spyware applications may appear as close clones of other rogue anti-spyware software.
* High pressure marketing: Rogue anti-spyware may use scare tactics or other aggressive advertising and marketing tactics to try to trick you into buying the rogue anti-spyware application. Often, rogue anti-spyware may produce false positives and fake alerts about your computer being infected.
* Poor detection/scan reporting: Rogue anti-spyware may produce poor reports when it scans your PC. For example, rogue anti-spyware may say your computer is infected 11 parasites, but not specify which spyware parasites or what type of parasites. Rogue anti-spyware may also report that your PC is infected with SafeAndClean, but not tell you which related files, DLLS, etc. were found on your computer.
* Weak scanning/detection: Rogue anti-spyware may not only poorly report on computer infection, but rogue antispyware may also poorly scan your PC. Rogue anti-spyware may skip over important folders and files of your computer that should be scanned to detect spyware.
Updated Jan 2, 2010
Internet Security 2010 screenshot The new badware Internet Security 2010 has a few new tricks up its sleeve. It does the usual stuff—phony scans, Internet Security 2010 pop-up alerts—but the people behind this program are more creative than most badware clowns.
For one thing, when you start certain programs, it says, “Application cannot be executed. The file is infected. Please activate your antivirus software.” And when you run certain file formats, you’ll get this alert:
Windows can`t play the folowing media formats: AVI;WMV;AVS;FLV;MKV;MOV;3GP;MP4;MPG;MPEG;MP3;AAC;WAV;WMA;CDA;FLAC;M4A;MID. Update your video and sound codec to resolve this issue.
It also interrupts your startup process, hijacks your browser, and wreaks all-around havoc on your system. Luckily, it’s easy to remove. Read on, and I’ll show you how to uninstall Internet Security 2010 for free.
GET RID of Internet Security 2010
* Manually remove Internet Security 2010 with step-by-step instructions
* Download Spyware Doctor to automatically remove Internet Security 2010
* You can download award-winning, anti-badware software SpywareDoctor to easily remove Internet Security 2010. Want to know why I dig SpywareDoctor? Read my review.
Do You Have Internet Security 2010?
When you’re infected with badware — whether it’s Internet Security 2010, spyware, adware, a Trojan, or a virus — there are a few key symptoms. Have you noticed…
* Slow computer performance: It just takes one parasite like Internet Security 2010 to slow your computer dramatically. If your PC takes longer than usual to reboot, or if your Internet connection is unusually slow, you may be infected with Internet Security 2010.
* New desktop shortcuts or switched homepage: Badware like Internet Security 2010 may change your Internet settings to redirect your homepage to another site. Badware can even add desktop shortcuts to your PC.
* Annoying popups: Badware can bombard your computer with popup ads, even when you’re not online. Through these popups, you may be tricked into downloading more spyware.
How to Remove Internet Security 2010 Manually
Internet Security 2010 warning Before we get started, you should backup your system and your registry, so it’ll be easy to restore your computer if anything goes wrong.
To remove Internet Security 2010 manually, you need to delete Internet Security 2010 files. Not sure how to delete Internet Security 2010 files? Click here, and I’ll show you. Otherwise, go ahead and…
Stop Internet Security 2010 processes:
IS2010.exe
41.exe
winlogon86.exe
winupdate86.exe
Remove Internet Security 2010 registry values:
HKEY_CURRENT_USER\Software\IS2010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Internet Security 2010″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “winupdate86.exe”
Remove Internet Security 2010 DLLs:
c:\WINDOWS\system32\winhelper86.dll
Delete Internet Security 2010 files:
c:\Program Files\InternetSecurity2010\IS2010.exe
c:\WINDOWS\system32\41.exe
c:\WINDOWS\system32\winlogon86.exe
c:\WINDOWS\system32\winupdate86.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
%UserProfile%\Desktop\Internet Security 2010.lnk
%UserProfile%\Start Menu\Internet Security 2010.lnk
Get rid of Internet Security 2010 folders:
c:\s
c:\Program Files\InternetSecurity2010
Note: In any Internet Security 2010 files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”). If you have any questions about manual Internet Security 2010 removal, go ahead and leave a comment.
How Do You Remove Internet Security 2010 Files?
Need help figuring out how to delete Internet Security 2010 files? While there’s some risk involved, and you should only manually remove Internet Security 2010 files if you’re comfortable editing your system, you’ll find it’s fairly easy to delete Internet Security 2010 files in Windows.
How to delete Internet Security 2010 files in Windows XP and Vista:
1. Click your Windows Start menu, and then click “Search.”
2. A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
3. Type a Internet Security 2010 file in the search box, and select “Local Hard Drives.”
4. Click “Search.” Once the file is found, delete it.
How to stop Internet Security 2010 processes:
1. Click the Start menu, select Run.
2. Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys CTRL + Shift + ESC.
3. Click Processes tab, and find Internet Security 2010 processes.
4. Once you’ve found the Internet Security 2010 processes, right-click them and select “End Process” to kill Internet Security 2010.
How to remove Internet Security 2010 registry keys:
Internet Security 2010 warning Because your registry is such a key piece of your Windows system, you should always backup your registry before you edit it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or a delete a critical registry key or value, there’s a chance you may need to reinstall your entire system. Make sure your backup your registry before editing it.
1. Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
2. Registry Editor will open as a window with two panes. The left side Registry Editor’s window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
3. To find a registry key, such as any Internet Security 2010 registry keys, select “Edit,” then select “Find,” and in the search bar type any of Internet Security 2010’s registry keys.
4. As soon as Internet Security 2010 registry key appears, you can delete the Internet Security 2010 registry key by right-clicking it and selecting “Modify,” then clicking “Delete.”
How to delete Internet Security 2010 DLL files:
1. First locate Internet Security 2010 DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
2. To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Internet Security 2010 DLL file is located. If you’re not sure if the Internet Security 2010 DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
3. When you’ve located the Internet Security 2010 DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.
That’s it. If you want to restore any Internet Security 2010 DLL file you removed, type “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.
Did Internet Security 2010 change your homepage?
1. Click Windows Start menu > Control Panel > Internet Options.
2. Under Home Page, select the General > Use Default.
3. Type in the URL you want as your home page (e.g., “http://www.homepage.com”).
4. Select Apply > OK.
5. You’ll want to open a fresh web page and make sure that your new default home page pops up.
Internet Security 2010 Removal Tip
Is your computer acting funny after deleting any Internet Security 2010 files? I recommend using a program like File Recover from PC Tools. File Recover saves deleted files that otherwise can’t be recovered by Windows operating sytem.
Want to save time finding Internet Security 2010 files? Download Spyware Doctor, let it find the Internet Security 2010 files for you, and then manually delete Internet Security 2010 files.
How Did You Get Internet Security 2010?
Wondering how Internet Security 2010 ended up on your PC? If you’re infected with Internet Security 2010 or other badware, perhaps you were using…
* Freeware or shareware: Did you download and install shareware or freeware? These low-cost or free software applications may come bundled with spyware, adware, or programs like Internet Security 2010. Sometimes adware is attached to the free software to “pay” developers for the cost of creating the software, and more often spyware is secretly attached to free software to harm your computer and steal your personal and financial information.
* Peer-to-peer software: Do you use a peer-to-peer (P2P) program or other application with a shared network? When you use these applications, you put your system at risk for unknowingly downloading an infected file, including applications like Internet Security 2010.
* Questionable websites: Did you visit a website that’s of questionable nature? When you visit malicious sites that are fishy and phishy, badware may be automatically downloaded and installed onto your computer, sometimes including applications like Internet Security 2010. I recommend you use Firefox web browser, if you don’t already.
Understanding Internet Security 2010
If you’re infected with Internet Security 2010, you should know what you’re fighting. I’ll explain some definitions related to Internet Security 2010.
Internet Security 2010 May Be Rogue Anti-Spyware
Rogue anti-spyware refers to anti-spyware/antivirus software of questionable value. Rogue anti-spyware may not be proven to protect your computer from spyware, may popup fake alerts or create many false positives about your PC being infected, or may use scare tactics to try to get you to purchase the application. Rogue anti-spyware software may be installed by a Trojan, come bundled with other software, or install itself through web browser security holes. While it is fairly rare, some rogue anti-spyware is created and distributed by known spyware or adware companies, and the rogue anti-spyware may install spyware or adware itself.
Often when you’re infected with rogue anti-spyware like Internet Security 2010, you’ll see a false popup security alert like this:
Internet Security 2010 popup
Rogue Anti-Spyware Tactics
Typically, rogue anti-spyware such as Internet Security 2010 has one or more of the qualities listed below, which is why rogue anti-spyware is considered anti-spyware software of questionable value.
* False positives/fake alerts: Rogue anti-spyware may produce a large number of false positives or use fake alerts, noting that your computer is infected with spyware parasites or other threats that do not really exist.
* Copycat looks: Rogue anti-spyware may copy the look and feel of other legitimate or rogue anti-spyware applications. Often, rogue anti-spyware applications may appear as close clones of other rogue anti-spyware software.
* High pressure marketing: Rogue anti-spyware may use scare tactics or other aggressive advertising and marketing tactics to try to trick you into buying the rogue anti-spyware application. Often, rogue anti-spyware may produce false positives and fake alerts about your computer being infected.
* Poor detection/scan reporting: Rogue anti-spyware may produce poor reports when it scans your PC. For example, rogue anti-spyware may say your computer is infected 11 parasites, but not specify which spyware parasites or what type of parasites. Rogue anti-spyware may also report that your PC is infected with SafeAndClean, but not tell you which related files, DLLS, etc. were found on your computer.
* Weak scanning/detection: Rogue anti-spyware may not only poorly report on computer infection, but rogue antispyware may also poorly scan your PC. Rogue anti-spyware may skip over important folders and files of your computer that should be scanned to detect spyware.
Subscribe to:
Posts (Atom)