This week Forrester Research analyst Thomas Mendel published a report that claims that Windows Vista has been "rejected" in the enterprise and suggests to his customers that they should re-evaluate their Windows Vista deployments and consider waiting for Windows 7.  Not surprisingly, this is something that we, our millions of enterprise customers, and a bunch of pesky statistics don't agree with.  Heck, even Forrester doesn't agree with Forrester!  Let me explain:

First, this report doesn't reflect the normal enterprise OS adoption cycle. Enterprise adoption of OSes has always been much slower than consumer adoption.   After all, upgrading the PC in your living room is easy, but upgrading an entire front and back end infrastructure to thousands of users without downtime is much more complex, and that takes time.  Computerworld contributing author (and Microsoft partner) David Feng just wrote an article about this, too.  Mendel's report, however, simply skims over this common knowledge.

What is even more puzzling is that Mr. Mendel's report directly contradicts another Forrester report titled, "Building the Business Case for Windows Vista," which was written by fellow analyst Ben Gray.  This report outlines the five main reasons why enterprises should start their company's migration to Windows Vista now.  You can read it for yourself here.  Mendel's report also goes against other industry analyst reports that show that Windows Vista adoption is progressing faster, or at the very least, just as fast, as Windows XP adoption did when it first launched.

It's also important to note that we've sold 180 million copies of Windows Vista so far, 40 million of which were in the last quarter alone, and that there are thousands of enterprise customers deploying Windows Vista by the thousands of seats on a weekly basis, including heavy hitters like The United States Air Force, PPG Industries, and Cerner. 

Given that there's a mountain of evidence to refute this report - including multiple reports from Forrester and other top-tier analysts - this appears to be more focused on making sensationalist statements, rather than offering a thoughtful industry perspective, based on conversations with IT operations professionals or deep knowledge of enterprise deployment cycles. How is this useful guidance to customers?  It's disappointing to see such a respected organization like Forrester take this approach. 

- Chris

In case you have been living under a rock for the past month you have most likely heard about the DNS cache exploit recently discovered by Dan Kaminsky.  This might be one of the most severe flaws discovered as it was cross platform affecting everything from Windows to Linux, UNIX, Cisco IOS etc....  It was so big in fact that all the major vendors worked together to get the patch issued on the same day.  The flaw would allow an attacker to insert a malicious DNS record into the cache.  As an end user you type in www.technet.com and rather than get the proper IP address the cache delivers the malicious IP address sending you to ????  You can find out more on the details of the flaw at Dan's blog.

You should also make sure that you are patched.  Make sure that your upstream ISP DNS servers are patched by calling them or using Dan's DNS Checker at the top of his website.

So why all of a sudden a rush to ensure you are patched?  Well the patches issued by the vendors have been reverse engineered and exploit code has been published!  Dan has said many times that this is an extremely easy to launch exploit that could be implemented in seconds.

MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)

KB953230 - Vulnerabilities in DNS could allow spoofing

Go. Read. Patch. Now.

And when you are done, copy and paste this blog post to your blog, email it to your IT Pro buddies, get the word out!

If you have links to the patches from other vendors, please leave a comment with the URL!

Do you know what XLG Security Center is?

DESCRIPTION

XLG Security Center was discovered to be a clone of XLGuarder which is a rogue anti-spyware program causing issues for computer users all over the world. XLG Security Center pretends to be a full security software suit that helps you remove or prevent spyware and other infections. XLG Security Center is far from doing any of this.

XLG Security Center tries it’s best to get you to purchase the full version of the XLG Security Center program through popus, system alerts and fake scan reports. XLG Security Center may also spread the XLGuarder program onto your system which is no better than having XLG Security Center installed. XLG Security Center has a silhouette of a woman which we think is part of the voice that you hear when XLG Security Center is run. This most deceptive thing about XLG Security Center is that you cannot close the program unless you end process or completely remove it.

Aliases: XLG Security Center, XLG SecurityCenter, XLGSecurityCenter.

In non-techie terms: XLG Security Center is not much different from many other rogue anti-spyware programs that are infecting computer users today. The web site xlguarder.com is known to offer a download of XLG Security Center. Do not voluntarily download, install or purchase XLG Security Center under any circumstances.

XLG Security Center screen shot image:

XLG Security Center Automatic Removal Instructions

This automatic removal method is for non-techie computer users. If you’re too lazy to learn about spyware removal or how to access sensitive files in your computer, then this is the method for you.
Before you start: Print or bookmark these instructions because you’ll have to reboot into Safe Mode. Also back up your computer in case you make a mistake.

1. Download and save SmitFraudFix to your desktop.
2. Restart your computer in Safe Mode (how to do safe mode). Once the
   desktop appears, double click on the SmitfraudFix.exe on your desktop.
3. After the credits screen, you’ll see a menu. Select the option number 2, which is ‘Clean (safe mode recommended)’, and then
   press Enter to delete infect files.
4. SmitFraudFix will begin cleaning your computer and take a series of cleanup processes. When the process is over, it will automatically begin the Disk Cleanup program.
5. Once the Disk Cleanup program is complete, you will be prompted with the message ‘Registry cleaning - Do you want to clean the registry’. Answer Y (Yes) and hit Enter. Reboot your computer.
6. SmitFraudFix will now check if wininet.dll is infected. SmitFraudFix will ask you whether to replace the infected file (if there’s any) ‘Replace infected
   file?’ Answer by typing Y (Yes) and hit Enter.
7. Reboot your computer to complete the cleaning process.
8. After reboot, a Notepad screen may appear containing a log of all the files
   removed from your computer. If it doesn’t appear, a file will be created called
   rapport.txt in the root of your drive, (Local Disk C:).
9. Restart your computer in Safe Mode (how to do safe mode).
10. Go to C:\Windows\Temp, click Edit, click Select All, press DELETE, and then
    click Yes to confirm that you want all the items to go to the Recycle Bin.
11. Go to C:\Documents and Settings\[LISTED USER]\Local Settings\Temp, click Edit, click Select All, press DELETE, and then click Yes to confirm that
    you want all the items to go to the Recycle Bin.
12. Reboot your computer back to normal mode. Go to Windows Update and download all critical updates.

XLG Security Center Manual Removal Instructions

This manual removal method is for techie computer users. XLG Security Center manual removal may be difficult and time consuming to remove. There’s no guarantee that XLG Security Center will be removed completely. So read the XLG Security Center removal steps carefully and good luck.
Before you start: Close all programs and Internet browsers. Also back up your computer in case you make a mistake and your computer stops working.

1. Uninstall XLG Security Center Program
   Click on Start > Settings > Control Panel > Double-click on Add/Remove Programs. Search for and uninstall XLG Security Center if found.
2. To stop XLG Security Center processes (view process removal steps)
   Go to Start > Run > type taskmgr. The click the Processes tab and you’ll see a list of running processes.
   Search and stop these XLG Security Center processes:
   winsystip.exe
   sysutil.exe
   uninstall.exe
   sysutil_s.exe
   For each unwanted process, right-click on it and then select “End task”.
3. To Unregister XLG Security Center DLLs (view DLL removal steps)
   Search and unregister these XLG Security Center DLLs:
   iebho.dll

   To locate the XLG Security Center DLL path, go to Start > Search > All Files or Folders. Type XLG Security Center and in the Look in: select either My Computer or Local Hard Drives. Click the Search button.
   Once you have the XLG Security Center DLL path, go to Start and then click on Run. In the Run command box, type cmd, and then click on OK.
   To locate the exact DLL path, type cd in order to change the current directory. To display the contents of the directory, use the dir command. To remove the DLL file type regsvr32 /u FILENAME.dll (FILENAME is the name of the file that you want to unregister).

4. To unregister XLG Security Center registry keys (view registry keys removal steps)
   Go to Start > Run > type regedit > press OK.
   Edit the value (on the right pane) by right-clicking on it and selecting the Modify option. Select the Delete option.
   Search and delete these XLG Security Center registry keys:

   HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallsysutils
   HKEY_ALL_USERSSoftwareMicrosoftWindows NTCurrentVersionWinlogon”Shell” = “%Windir%sysutilssysutil.exe”
   HKEY_ALL_USERSSoftwaresysutils
   HKEY_CLASSES_ROOTCLSID{D032570A-5F63-4812-A094-87D007C23012}
   HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D032570A-5F63-4812-A094-87D007C23012}
   HKEY_CLASSES_ROOTiebho.TIEAdvBHO
   

5. If your homepage has been changed, go to Start > Control Panel > Internet Options > click on the General > click Use Default under Home Page. Add the your desired default homepage, then click Apply > click OK. Open a new web browser to check that you have your desired default homepage.
6. Remove XLG Security Center Directories.
   To find XLG Security Center directories, go to Start > My Computer > Local Disk (C:) > Program Files > Show the contents of this folder.
   Search and delete the following XLG Security Center directories:
   C:\ProgramFiles\XLG Security Center
   C:\ProgramFiles\XLGSecurityCenter

   Right-click on the XLG Security Center folder and select Delete.
   A message will appear saying ‘Are you sure you want to remove the folder XLG Security Center and move all its contents to the Recycle Bin?’, click Yes.
   Another message will appear saying ‘Renaming, moving or deleting XLG Security Center could make some programs not work. Are you sure you want to do this?’, click Yes.

7. To remove XLG Security Center icons on your Desktop, drag and drop them to the Recycle Bin.

You’ve completed the XLG Security Center manual removal instructions!
I hope this article has helped you solve your XLG Security Center problems. If you want to contribute to this article, post your comment below.

Disclaimer: This article is for educational purposes. By using this information you agree to be bound by the disclaimer. There’s no guarantee that XLG Security Center will be completely removed from your computer. Seek professional help if your computer continues to experience problems.

Well as a System Administrator you browse through literal 100.000 event logs every week.
Below you will find a list posted by Microsoft. This list tells you which events you can safely ignore.

This will make your life a bit easier.... (I hope)

You can find the original document here

These days, we see in the computer shops wireless keyboards and mice being offered. Personally, I find them as totally useless. Why would a person want a wireless gadget for their computer? It is not like you cannot move your current keyboard and mouse far from the screen. Actually when you think of it, who would want farther from the keyboard?

The reason behind why I find this entirely outrageous is the fact that they pose more problems than good. I can understand why wireless is being done these days but if you are the technically inclined person, would you really need one? Outside that of bragging rights, the feasibility of having a keyboard farther away from your LCD monitor seems to be illogical. The only thing I can see as a benefit from it is to avoid the usual wirings that get entangled behind your CPU and nothing more. Besides I heard they run out of batteries fast!

Add to this the fact that they cost double than the usual wired keyboards or mouse we normally need. Paying for more for a standard device seems crazy and if you are wise, it would be best to stick to the default way of using your computer for work or any normal practice we do today.

While it seems that many people are fascinated by these wireless devices, don’t be. They will give you more problems in the end and I will not be surprised if you suddenly find yourself wanting to replace them with the old style keyboards or mouse.