W32/Magania.AZLM Trojan Known Files » kva8wr.exe, bgotrtu0.dll, uweyiwe0.dll, ahnsbsb.exe, ahnxsds0.dll, ahnfgss0.dll, 6l6.com, gjnfah.cmd

W32/Magania.AZLM is a trojan. The trojan will infect Windows systems.
This Worm Copies its file(s) to Windows\system32, Root of windows installed folder as hidden files or active non-hidden files.

W32/Magania.AZLM Trojan information updated on October 12, 2009.
Other names of W32/Magania.AZLM Trojan:
W32/Magania.AZLM Trojan is also known as Trojan-GameThief.Win32.Magania.azlm, Worm.Taterf.ATS, Worm:Win32/Taterf.B.
Download Registry, Taskmanager and Folder Options Repair Tool

W32/Magania.AZLM Trojan Manual Removal Instructions

Recommended Removal from Windows Safe Mode:
How to Start Windows in Safe Mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.

The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
[ Kill the Process, Use Killbox if your Access Denied ]

Download W32/Magania.AZLM Trojan Known File Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart ]

%Windows\System32\kva8wr.exe
%Windows\System32\bgotrtu0.dll
%Windows\System32\uweyiwe0.dll
%Windows\System32\ahnsbsb.exe
%Windows\System32\ahnxsds0.dll
%Windows\System32\ahnfgss0.dll
%Root of Windows Drive\6l6.com
%Root of Windows Drive\gjnfah.cmd

[ No Exact Information about Files, search above related files in Program files Folder ]
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Download - Enable Registry.reg
[ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.


Unregister DLL Files Using Windows Command Prompt
To open the Windows Command Prompt, go to Start - Run, type cmd and then click the "OK" button.
Type "cd" in order to change the current directory,
Press the "space" button, enter the full path to where you believe the Program DLL file is located press the "Enter" button on your keyboard.
If you don't know where Program DLL file is located, use the "dir" command to display the directory's contents.

To unregister a "Program" DLL file,
Type in the exact directory path + "regsvr32 /u" + [ DLL_NAME ]

Example [ C:\Windows\System\ regsvr32 /u filename.dll ] and press the "Enter" button.
A message will pop up that says you successfully unregistered the file.

W32/Magania.AZLM Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
Download UnHookExec.inf,
[ Right Click - Save Target As/Linked Content As ]
Save it to your Windows desktop.
Do not run it at this time, download it only.
After booting into the Safe Mode or VGA Mode
Right-click the UnHookExec.inf file and click Install.
[This is a small file. It does not display any notice or boxes when you run it.]
Or Download Regfile to enable Registry editor
Download Registry Enabler [ Right click - Save Target As ]
Open it with Registry editor

W32/Magania.AZLM Trojan modifies registry at the following locations to ensure its automatic execution at every system Startup:
Delete The Entries

HKEY_USERS\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX\Software\Microsoft\Windows\CurrentVersion\Run

Delete file entries from right side, look up file entries listed above
Search Registry For W32/Magania.AZLM Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Kaspersky Antivirus or Internet Security [ Shareware ]
Spyware Doctor [ Shareware ]
AVG Antivirus [ Freeware ]
Killbox [ Freeware ]

I am glad to announce that today we shipped a new version of the Windows API Code Pack – version 1.0.1. This is not a major version with a lot of new features, but rather a minor version focused on fixing bugs, improving performance, adding demos and few features updates (new wrappers…)

But before we dive into this new version of the Windows Code Pack let’s better understand what this Windows API Code Pack is all about.

Windows 7 offers new features like the taskbar, libraries, and the Sensor and Location platform, to name a few. These features enable new scenarios and create new opportunities for developers to make their applications shine on Windows 7. All these great features are exposed via the Win32 native API. Currently there is no “Windows 7” namespace in the .NET Framework, and no easy way to use these features from managed code applications. To help managed code developers access them, we released version 1.0 of the Windows API Code Pack for the .NET Framework in August (just after Windows 7 RTM).

The Windows API Code Pack is a free, managed Source Code Library provided by Microsoft as is. You should consider this library as if you wrote it yourself, as if it is your own code. It is a great starting point and provides a really good and solid solution for managed code developers. It covers a lot of the new Windows 7 features as well as some more fundamental core features from the Windows Vista timeframe. You may think of the Windows API Code Pack as the closest thing to an “official” managed API for Windows. But you need to remember that it’s not a product with 24x7 technical support available from Microsoft Customer Service and Support. We believe it is a great solution, and that the codebase is very solid and high quality.

Our goal with the code pack is to enable managed code developers to take advantage of Windows APIs that are not part of the .NET Framework. We feel that as a shared source that is separate from the .NET runtime libraries, the Windows API Code Pack provides an optimal compromise between the Microsoft Win32 managed wrapper, short time-to-market -we released the Windows API Code Pack just a month after the Win7 RTM, and we ship full source code of the library.

The Windows API Code Pack includes a great deal of managed API for Windows (7). For example:

• Extensive integration with the Windows Shell namespace, with support for the Windows Shell property system, providing control like explorer browser and access to Windows Libraries
• A completely 100% feature parity with the native Taskbar API including (but not limited to) JumpLists, Icon Overlay, Progress bar, Thumbnail, custom switcher, Thumbnail Button, etc…
• Windows Task Dialogs , other controls
• Support for Direct3D 11.0 and DXGI 1.0/1.1 APIs
• Support for the Sensor Platform APIs
• Extended Linguistic Services APIs
• Windows Restart Manager
• Power APIs
• And many other features

Each technology represented in the Windows API Code Pack has multiple demos and examples (including source) in C# and VB. We are planning on releasing updates to the Windows API Code Pack roughly every three months. We will be investing mainly in stability (meaning fixing bugs), fundamentals, testing and documentation, as well as new feature support (based on customer feedback).

You may ask yourself, “Why isn't the Windows API Code Pack part of the .NET Framework?”

We ship open source code that we might bring into the runtime sometime in the future, if we feel it's sufficiently core to the entire framework to be worth the size increase. Remember the .NET Framework runs on both Windows Vista and Windows XP. However, Windows 7 is here now, and we want to enable you to access this set of free, open source library sooner rather than later. We’re shipping this library in a community-supported form and, as you can see, we intend to keep updating it. While this version (1.0.1) is a minor release, we are planning on another release in the next few months. In the meantime, you get the best of both worlds in a package that you can use as a whole or in parts without restriction.

Another question you may ask is, “Will .NET 4 replace the need to use the Windows API Code pack?”

When .NET 4 ships, you will be able to use its Windows 7 features such as Taskbar and multitouch integration with WPF, DirectWrite support, and the location API via the Devices namespace. Continue to access other features such as libraries, Restart Manager, and Sensors via the Windows API Code Pack.

Last but not least, we are looking for feedback from the community – that is you the .NET developer using this library to write managed code applications for Windows 7. On the Windows API Code Pack site, you can ask questions, provide feedback, report bugs, and follow open bugs. Your input is critical for the continuation of this library, so please send us your feedback and questions.

To learn more about how to use the Windows API Code Pack check the Windows 7 Training on Channel 9

A few weeks ago, just two days before Windows 7 become generally available, Visual Studio 2010 hit its own major milestone with the release its second Community Technical Preview of Visual Studio, known as Visual Studio 2010 Beta 2. To me, it is always exciting to see how the different tools and frameworks evolve and add new features.  It seems that with every release the products get bigger and better, offering an even

greater number of programming  languages, and addressing an ever growing number of areas of development such as Web, client, mobile, parallel, consoles, and devices.

Despite being a “beta” product, it is much easier to work with Visual Studio 2010 than with VS 2008. It is much easier to control your solutions and, even more importantly, much easier to write and document code. The user interface is much improved; it uses the Windows Presentation Foundation (WPF) to reduce clutter and visual complexity, and modernizes the interface by removing outdated 3D bevels. Using WPF enables us to help developers focus on content areas by opening up negative space between windows and drawing attention to the current focus with a dominant accent color and a distinctive background. There are also some cool, small, and simple perks like the ability to control the size of text. You can also drag a single window from the main Visual studio application to a second monitor (just like that) and with that you have multi-monitor support via the VS client application.

Improvements to the IntelliSense allow it finally to work well for C++ projects. And let’s not forget the new debugger window that supports parallel computing debugging and lets you view your parallel stacks.

There is even a new language, F# (F stands for Functional programming), and numerous upgrades to C#, like support for dynamic keywords. Dynamic objects' operations are resolved at runtime (check out a good post about this by Scott Hanselman). There is also support for the next version of the C++ language specification, C++X0, like Lambda Expressions. Speaking of C++, we've built the C++ solutions using MSBuild, which should make everyone happy.

As always, backward compatibility is super critical, and it is important to mention that Visual Studio 2010 supports multi-targeting. Visual Studio 2010 can target .NET 2.0 through .NET 4.0 on a per-project basis, which means you can work with your older project on the new VS 2010 and enjoy all the goodies mentioned above (and many more).

But I want to focus this post on using Visual Studio 2010 to program Windows 7. There are quite few technologies and features in Visual Studio 2010 to help you write better applications targeting the specific features of Windows 7. Below are just a few of the Visual Studio 2010 features that we’ll write more about really soon.

.NET 4 and Windows 7

Visual Studio 2010 brings a complete new CLR version – version 4. This is not just an incremental upgrade on top of CLR 2 (.NET Framework 2). This enables new language enhancements like the dynamic keyword. And the new WPF brings support in a few other areas like shell and Taskbar integration, and multitouch.

WPF & Taskbar Integration

As you know, you program jump lists using the JumpList class. This exposes several methods and properties that manipulate the exposed jump lists for the application. It also has an attached property that you can apply to your application class to create, modify, and remove jump list items. If you work with specific files, you can use the JumpList.AddToRecentCategory method to add that file to the recently used file list managed by the shell.

There are two types of jump lists – tasks and items; you work with each using a JumpTask, or a JumpPath respectively. You can work with these in XAML, code-behind, or a combination of the two. The following code snippet shows a simple integration of tasks into a jump list.

<JumpList.JumpList>
   <JumpList>
      <JumpTask ApplicationPath="notepad.exe" 
                         CustomCategory="External Tools" 
                Description="Take Notes" 
                Title="Start Notepad" 
                IconResourcePath="notepad.exe" 
                IconResourceIndex="0" />

      <JumpTask ApplicationPath="calc.exe"
                         CustomCategory="External Tools" 
                         Description="Perform some calculations" 
                        Title="Start Calculator"
                        IconResourcePath="calc.exe" 
                        IconResourceIndex="0" />
    </JumpList>
</JumpList.JumpList>

In a similar way, you can use XAML to add Thumbnail Toolbar buttons as shown by the following code snippet.

<TaskbarItemInfo.ThumbButtonInfos>
   <ThumbButtonInfo DismissWhenClicked="True" 
                    ImageSource="images/booktrip.png"
                    Command="{Binding BookItinerary}"
                    Description="Book the itinerary now" />
</TaskbarItemInfo.ThumbButtonInfos>

WPF Common File Dialog Supports Libraries (Finally!)

For some strange reason, WPF 3 and 3.5 Common File Dialog (CFD) didn’t support the updated version of the CFD introduced with Windows Vista. The CFD was upgraded in Windows 7 to support libraries and provide a better user experience. It now allows seamless search integration as well as some advanced user functionality. With WPF 4, applications enjoy the power of the “new” CFD directly from WPF, and don’t need to import CFD from the WinForm namespace (which was the only way to show the updated CFD from WPF 3 and WPF 3.5).

WPF Supports Multitouch

WPF 4.0 introduces multitouch support directly into the WPF API– with no need to interop to a native service. These new features are only available on Windows 7 and are automatically deprecated when running under older operating systems, so you don’t have to detect the operating system yourself. WPF 4.0 adds a new manipulation API to the UIElement base class. This new support allows developers to track multiple touches and generate both cumulative and individual manipulations across the touches. Basically, this enables you to transform your object on the X and Y coordinates, rotation, and scale.

WPF will supply these manipulation events if the IsManipulationEnabled property on the element is set to true. It defaults to false, so you will need to turn on this property for each element where you want to manage manipulations. This is as simple as adding IsManipulationEnabled=true to your XAML as shown in the following code snippet.

<Border Margin="10,5" 
    BorderBrush="DarkGoldenrod" 
    BorderThickness="2" 
        CornerRadius="10" 
    MinHeight="75" 
    IsManipulationEnabled="true">

Optionally, you can also hook the ManipulationStarting and ManipulationCompleted events to provide code behind the implementation of these events.

WPF 4 also supports low-level touch messages, or raw touch input. You can interact with the raw touch events on any UIElement using TouchDown, TouchMove, and TouchUp events, all of which have preview event versions. This can be useful if you are trying to track multiple touches that are not manipulating the same object, or if you want to provide different behavior for touches and the mouse. We’ll soon write more about Windows 7 multitouch in general and WPF specifically.

MFC Updates

In Visual Studio 2010, C++ and MFC received a healthy dosage of “coolness” factor, adding useful features such as IntelliSense enhancements and C++0x features. The MFC Library received a major upgrade, especially in regard to the Taskbar, Multitouch, and Restart and Recovery:

Taskbar

The MFC Taskbar provides all the functionality that the native taskbar COM API provides. There is nothing that the one can do that the other cannot. The MFC simply wraps the Win32 APIs (as it always does) into a more “MFC-like” API that corresponds to the MFC Framework programming style guidelines. For example, the following code snippet sets the overlay icon.

CMainFrame* mainFrm = 
dynamic_cast<CMainFrame*>(AfxGetApp()->GetMainWnd());
if (mainFrm)
    mainFrm->SetTaskbarOverlayIcon(IDI_ICON_INFO,L"Info");

First you need to obtain a handle (a pointer) to the application's main window (the top-level window), which corresponds to Win32 HWND. Then, simply call the SetTaskbarOverlayIcon passing HICON and a string that provides an alt text version of the information conveyed by the overlay to meet accessibility requirements. Simple, right?

In MFC, the CFrameWnd class provides the functionality of a Windows single document interface (SDI), overlapped, or pop-up frame window. With the new MFC, this class was updated and now supports Taskbar functionality such as icon overlay, progress bar, jump lists, and thumbnails.

In MFC, Taskbar thumbnail preview support is built in, so the Taskbar thumbnails will show any rendering within the views. Therefore, other than implementing your own View drawing, you need not provide any explicit code to update those Thumbnails.

To enable Taskbar Thumbnails in an MFC application while using the MFC application wizard, all the user needs to do is select the “Multiple documents” application type with the option “Tabbed documents” enabled. When the application runs, MFC will take a snapshot of each view and send it to the Taskbar APIs to display as thumbnails.

And the output could like this:

Multitouch

In Visual Studio 2010, MFC also supports multitouch. By default, on a touch-enabled device (such as touch screen), Windows 7 sends gesture touch messages to any application; that is, by default Windows 7 sends WM_GESTURE messages to the target windows. All that MFC is doing is mapping these messages to its own message handlers. MFC provides a number of message handler overrides that can receive each of the gesture types, and each returns a Boolean value. If a gesture input is processed by the application, the corresponding override should return TRUE; otherwise, it returns FALSE. Therefore if you wish to handle the zoom gestures, all you need to do is implement the relevant handler. Here is the list of supported handlers.

// Gesture handlers
virtual BOOL OnGestureZoom(CPoint ptCenter, long lDelta);
virtual BOOL OnGesturePan(CPoint ptFrom, CPoint ptTo);
virtual BOOL OnGestureRotate(CPoint ptCenter, double dblAngle);
virtual BOOL OnGesturePressAndTap(CPoint ptFirstFinger, long lDelta);
virtual BOOL OnGestureTwoFingerTap(CPoint ptCenter);

 

Similarly, you can register to receive raw touch messages and the default gesture messages. In Windows 7, gestures messages and raw touch are mutually exclusive. If you register to receive the raw touch messages for a particular window, that window will stop receiving gestures messages. If you opt-in to handle raw touch messages, you need to implement the following handler:

virtual BOOL OnTouchInput(
                        CPoint pt, 
                        int nInputNumber, 
                        int nInputsCount, 
                        PTOUCHINPUT pInput);

MFC makes your life easier by providing a lot of the information per each touch point, for example, the client coordinates for the actual point where the touch-enabled device has been touched. MFC also provides the ID of the touch point, that is, the first, second, or third finger, as well as the total count of current touches.

Restart and Recovery (Restart Manager)

In Visual Studio 2010, MFC also provides native support of the Restart Manager. Restart Manager is a feature introduced by the Microsoft Windows Vista operating system. It can help applications maintain their data when an update needs to shutdown the application or when an unexpected software error or crash occurs. Instead of shutting down abnormally, Restart Manager enables an application to perform an application save before it is terminated. Furthermore, it can re-invoke the application, enabling it to restore its state from before the shutdown or crash.

For new MFC applications, you can get the application restart and recovery feature for free by using the MFC Application Wizard as you can see from the following image:

All configurable parts of the restart manager API are exposed to the user through virtual members that can be over-ridden. Needless to say, you can expect some more blogging about this feature.

.NET 4 and Location

.NET 4 has a new Device namespace that supports the Windows 7 Location API (part of the Windows 7 Sensor and Location. The System.Device.Location namespace allows application developers to access the user's location easily using a single API. Location information may come from multiple providers, such as GPS, Wi-Fi triangulation, and cell phone tower triangulation. The System.Device.Location classes provide a single API to encapsulate the multiple location providers on a computer and support seamless prioritization and transitioning between them. An application developer using this API does not need to know which location-sensing technologies are available on a particular computer and is freed from the burden of tailoring an application to a specific hardware configuration.

To begin accessing location, you need to create a GeoLocationProvider. This object is the main “location manager” object through which you can register for LocationChange notifications and synchronously read the latest location information. Next you need to call Start to start the acquisition of data from the current location provider. You can check the Status property to determine if data is available. If data is available, you can get the location once from the Location property, or receive continuous location updates using the LocationChanged event. The following code snippet is a VERY simple code sample showing how to retrieve the current GeoCoordinates (latitude, longitude).

GeoLocationProvider provider = new GeoLocationProvider();
provider.Start();
GeoCoordinate coordinate = provider.Location.Coordinate;
if (coordinate != GeoCoordinate.Unknown)
{
  //Business logic here
}

Unfortunately, .NET 4 supports only the Location API and not the full Sensor and Location Platform – meaning that the .NET location implementation is still missing the Sensor piece. Use the Windows API Code Pack to access sensor from managed code.

Parallel Computing and Windows 7 Multi-Core

Parallel programming in Visual Studio 2010 has many aspects, for example, Parallel LINQ and other .NET enhancements for supporting parallel computing, including statements like Parallel.For that use System.Threading.Tasks.Task. C++ developers will be happy to learn that the Task concepts also exist in C++ Version 10, which ships with VS 2010. For native code, Concurrency Runtime (ConcRT) has implicit knowledge of Win7 processor groups and will schedule work on up to 256 cores; ConcRT also takes advantage of User Mode Scheduling of threads. Therefore, any workload that sits on top of ConcRT immediately benefits. In other words, because both the Parellel Pattern Library (PPL) and Asynchronous Agents are included in Visual C++ 10 CRT and are built on top of ConcRT, any workloads you build on them will scale to 256 cores--

just like that! (Well, you will still need to write the code, but the scaling is free.)

For managed code applications, the story is less bright. Management of the managed stack thread sits on top of the .NET ThreadPool (System.Threading.ThreadPool) by default. This does not use the new processor group APIs in Windows 7, and therefore doesn’t automatically benefit from the Windows 7 ability to scale. The maximum number of processes that the threadpool can utilize is 64. But not everything is lost, it is possible to write a custom TaskScheduler that targeted more than 64 procs, and use the rest of the Task Parallel Library with that special scheduler. This would be a cool CodePlex project, right?

Overall Visual Studio 2010 includes tons of new technologies and improvements--all of it icing on the Windows 7 cake!

W32/BSpread.B Worm Known Files » Mwau.exe, 058.exe

W32/BSpread.B  is a Worm. The worm will infect Windows systems.
This Worm Copies its file(s) to Documents and Settings\Default User\Local Settings\Temp, C:\RECYCLER\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX folder as hidden files or active non-hidden files.

W32/BSpread.B Worm information updated on October 10, 2009.
Other names of W32/BSpread.B Worm:
W32/BSpread.B Worm is also known as Email-Worm.Win32.BSpread.b, TROJ_AGENT.IAZZ.

Download Registry, Taskmanager and Folder Options Repair Tool

W32/BSpread.B Worm Manual Removal Instructions

Recommended Removal from Windows Safe Mode:
How to Start Windows in Safe Mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.

The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
[ Kill the Process, Use Killbox if your Access Denied ]

Download W32/BSpread.B Worm Known File Removal Tool - Get by commenting
[In Windows Vista Run As Administrator, After Execution System Will Restart ]

%Documents and Settings\Default User\Local Settings\Temp\058.exe
%RECYCLER\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXXe

[ No Exact Information about Files, search above related files in Program files Folder ]
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Download - Enable Registry.reg
[ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.

W32/BSpread.B Worm Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
Download UnHookExec.inf,
[ Right Click - Save Target As/Linked Content As ]
Save it to your Windows desktop.
Do not run it at this time, download it only.
After booting into the Safe Mode or VGA Mode
Right-click the UnHookExec.inf file and click Install.
[This is a small file. It does not display any notice or boxes when you run it.]
Or Download Regfile to enable Registry editor
Download Registry Enabler [ Right click - Save Target As ]
Open it with Registry editor

W32/BSpread.B Worm modifies registry at the following locations to ensure its automatic execution at every system Startup:
Delete The Entries

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Delete file entries from right side, look up file entries listed above
Search Registry For W32/BSpread.B Worm File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Kaspersky Antivirus or Internet Security [ Shareware ]
Spyware Doctor [ Shareware ]
AVG Antivirus [ Freeware ]
Killbox [ Freeware ]

Here we are at the LA Convention Center, attending the FREE Windows 7 Seminar: Boot Camp. We managed to “sell out” (just a reminder-- it is free) this event, getting more than 1200 registrations. This day is all about learning what’s new in the Windows 7 kernel, how developers can take advantage of these feature, and then learn how to take advantage of some “user mode” features like multitouch, taskbar, sensor and location, and others.

Today started with Mark Russinovich, Technical Fellow and the man behind SysInternals and many of the improvements in Windows 7, describing some of the changes made to the Windows 7 kernel. Immediately after Mark, Arun Kishan, a Principal Architect for the process management components, described his work around the thread and process allocation that frees the kernel from its thread dispatcher locks and gives Windows 7 the ability to scale seamlessly to 256 cores. Then Landy Wang, a Distinguished Engineer in the Kernel team, described changes made in Windows 7 memory management, mainly focusing on memory Working Set and memory trimming.

After lunch, Jaime started his run, giving some insight and very useful tips about using the Taskbar, from understanding the difference between Application ID and Program ID to the effective use of custom previews. Jaime has only 60 minutes, but I am sure his tips for working with the Taskbar will prove very useful. For example:

• Tip1 – when writing your own jump list item or link, make sure you remember what items you wrote, because you can’t just “read” the jump list items
• Tip2 – if you decide to invest in cutom switcher and provide your own thumbnail preview and Aero Peak make sure you “save the state” of your application and images as DWM will not always perform for you.

I'll be up next, explaining Windows 7 libraries in depth, with a focus on useful tips for programming Windows 7 libraries, and specifically how to stay in sync with library updates. We have already had plenty of Windows 7 libraries posts - Windows 7 Programming Guide – Libraries, so I am not going into great detail. However, I do want to hand out the presentations and code samples used. All my demos as well as Jaime’s are part of the Windows 7 Training kit.

Right after our discussion about libraries, we will take a deep dive into the Windows 7 Sensor and Location platform. I just LOVE the endless amount of innovation and opportunity developers have generated while using this platform. After the Windows 7 launch on October 22^nd, we saw a large number of laptop models coming out with built-in sensors. Developers will most probably use these to create truly adaptive applications that adjust their functionality and UI based on sensor input. 

After our Sensor and Location Platform discussion, it will be Michael Oneppo's turn to explain the changes in the Windows 7 graphics stack. Michael's presentation is very interesting, as it describes some of the DirectX API that was down ported to Windows 7 as a result of the Platform Update for Windows Vista and the Platform Update for Windows Server 2008. For example, did you know that the Microsoft Direct3D API DirectCompute feature allows your applications to use a new pipeline stage in the GPU, the compute shader stage, to implement highly data-parallel algorithms with unmatched speed and performance? This means that now you can use GPU power for parallel programming, freeing your CPU to do other things. It is amazing how powerful these GPUs have become; allowing them remain idle would be a huge waste of resources. If you want to learn more, you can always view Chas Boyd PDC session – DirectX11 DirectCompute.

To close the learning part of the day, Jaime Rodriguez takes us through a quick tour of Windows 7 multitouch. Jaime is taking his usual practical teaching approach of focusing on a few tips and tricks that will make it easier for you to start using multitouch.

Now that Windows 7 is available, a recent blog by Chester Wisnieski (who works at security vendor Sophos), entitled Windows 7 vulnerable to 8 out of 10 viruses, which has stirred some interest.

Here's a quick summary for those who missed Chester's blog. During a test SophosLabs conducted, they subjected Windows 7 to "10 unique [malware] samples that arrived in the SophosLabs feed." They utilized a clean install of Windows 7, using default settings (including the UAC defaults), but did not install any anti-virus software. The end result was 8 of the 10 malware samples successfully ran and the blog proclaims that "Windows 7 disappointed just like earlier versions of Windows." Chester's final conclusion? "You still need to run anti-virus on Windows 7." Well, we agree: users of any computer, on any platform, should run anti-virus software, including those running Windows 7.

Clearly, the findings of this unofficial test are by no means conclusive, and several members of the press have picked apart the findings, so I don't need to do that. I'm a firm believer that if you run unknown code on your machine, bad things can happen. This test shows just that; however, most people don't knowingly have and run known malware on their system. Malware typically makes it onto a system through other avenues like the browser or email program. So while I absolutely agree that anti-virus software is essential to protecting your PC, there are other defenses as well.

Let me recap some of the Windows 7 security basics. Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware. This includes features like User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) to name just a few. The result, Windows 7 retains and refines the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released.

Beyond the core security of Windows 7, we have also done a lot of work with Windows 7 to make it harder for malware to reach a user's PCs in the first place. One of my favorite new features is the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter was built upon the phishing protection in Internet Explorer 7 and (among other new benefits) adds protection from malware. The SmartScreen Filter will notify you when you attempt to download software that is unsafe - which the SophosLabs methodology totally bypassed in doing their test.

So while I'm not a fan of companies sensationalizing findings about Windows 7 in order to sell more of their own software, I nevertheless agree with them that you still need to run anti-virus software on Windows 7.  This is why we've made our Microsoft Security Essentials offering available for free to customers. But it's also equally important to keep all of your software up to date through automatic updates, such as through the Windows Update service. By configuring your computers to download and install updates automatically you will help ensure that you have the highest level of protection against malware and other vulnerabilities.