Previous Posts

 Run Sysinternals directly from the Internet

Update your DNS Server - NOW!

Block XP SP3 - Stop the madness

Find out where a DLL, EXE, or SYS file came from

VMWare 2.0 Beta 2 Release

Restrict User Logon Hours

Vista Service Pack 1 is coming your way

Use auditing to track who deleted your files

IntelliAdmin Remote Control - Status Update

Try out the IE 8 Beta



Archives

May 2005

January 2006

April 2006

May 2006

June 2006

July 2006

September 2006

October 2006

November 2006

December 2006

January 2007

February 2007

March 2007

April 2007

May 2007

June 2007

July 2007

August 2007

September 2007

October 2007

November 2007

December 2007

January 2008

February 2008

March 2008

April 2008

May 2008



Subscribe to our Feed:

Automatic Install of IE 7 starts November 1st

Just want to remind everyone that IE 7 will be automatically installed on November 1st. Since most of you are running Automatic updates it would be prudent to block the install until you have fully tested it against all of the websites and software your company uses.

Microsoft provides a command line blocking tool that can be downloaded from here

Or you can download and install our free IE blocking tools:

For your local computer



Or download our tool that can update remote computers



Alternatively you can simply create a registry key that will block the install. It is located under this key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\7.0

The key name is: DoNotAllowIE70

Setting this to 1 blocks the install, setting to 0 allows the install.

Only Windows 2003, and XP users need to worry about this automatic install - since IE 7 is not compatible with 98, ME, or 2000


Posted By: Steve Wiseman on Monday, October 30, 2006

Check out our utilities for windows

 



Microsoft releases new version of Media Player

Windows Media Player 11 was released today.

Windows Media Player 11

Like all new Microsoft software you need to have a valid version of windows to install it. Additionally, it is only available for Windows XP.

This is the first edition of Media player to provide integration with the MTV Urge music service. Key features boasted by Microsoft include:

-A visually driven experience using thumbnail and album art, an elegant and simple design, and customization capabilities for more personalized interaction

-Improved device experience with new shuffle sync and reverse sync options, device exploration using the library view, and intuitive help icons that ensure seamless and intuitive syncing and burning of rights-managed content

-Highly simplified navigation capabilities, enhanced shortcut options, and dedicated category views for all media types, including music, photos and video

-Better access to content with deep integration of services that blurs the line between online service and media player experiences

-Industry-first audio fingerprinting capabilities that recognize and import track information for unidentified or misnamed audio files

-New formats for ripping and music playback, including Windows Media Audio Professional and WAV Lossless

Why is this release important to Windows Administrators? Well I know that many of you have integrated phone systems. What I mean by that is your users can listen to their voice mail in wav, or mp3 format on their computer. I am not sure if Microsoft will force this version of Media Player via automatic updates, but it really provides no additional benefits to those using media player to listen to short audio clips.

In reality this update simply is a better marketing engine for Microsoft's media division. Frankly, as a business, There is no need for users to have their own music 'store' on their computers. It seems to be getting harder and harder to find a media player that just does that - play media. No popups, No music store sales, No spyware. Just play my MP3. Thats all I need.

Does anyone out there know of a media player that just plays MP3s, and Wav files without in-your-face advertising for the media companies? E-Mail Me and let me know.


Posted By: Steve Wiseman on Monday, October 30, 2006

Check out our utilities for windows

 



Security firm finds a way around Vista 64 Bit Patch Guard security

For most windows administrators Vista is still a long way off before they need to deploy it on their networks. Even further off is a 64 bit version of Vista. Still it is important to stay on top of what is going on with these products, so as an administrator you are not blindsided when you encounter your first install.

Windows Vista - Clear, Confident, Connected

The 64 bit version of Vista is the first version of Windows that will only allow signed drivers. This means that if you want to install a driver on windows, it must have a valid certificate - something difficult for a virus, or piece of spyware.

We are told by Microsoft that this fact alone will make Vista 64 the most secure operating system ever developed. This was all changed back in July when Joanna Rutkowska spoke at the Black Hat USA conference. She described a method of installing drivers without any code signature by using the page file.

The three suggestions Joanna made for Microsoft to resolve the issue:

1. Block raw disk access from usermode.

2. Encrypt pagefile (alternatively, use hashing to ensure the integrity of paged out pages, as it was suggested by Elad Efrat from NetBSD).

3. Disable kernel mode paging (sacrificing probably around 80MB of memory in the worst case).

Microsoft picked the least desirable option number 1. This was easy for them, but potentially made it impossible for disk utility vendors from creating disk repair, and defragmentation tools.

So that was it, or so Microsoft thought. Problem solved. No more unsigned drivers.

This week the security firm Authentium found a workaround for Patch Guard

Patch Gurad is the technology that keeps unsigned drivers from being installed, and the kernel from being modified. Their method allows either a legitimate software vendor, or an attacker to disable it, install their wares, and then turn it right back on.

Patch Guard is the feature that Symantec and McAfee have been getting very upset about - since it essentially keeps them out too. Rightly so, since essentially Microsoft will bypass this for their own security products. It really is a bad idea to force these security vendors to resort to hacks to install their software.

Microsoft immediately responded with a angry attack stating that that the hack harmed windows users by reducing the security of Windows.

Still this whole debate needs to be watched. Not many IT departments are going to feel secure with a Microsoft only approach to anti-virus and anti-spyware. On the flip side no one wants to install code that *hacks* the kernel in a corporate environment - Microsoft can break it in a day with an automatic update. Hopefully the issue will be worked out by the time most of us will need a 64 bit version of windows on our network.


Posted By: Steve Wiseman on Saturday, October 28, 2006

Check out our utilities for windows

 



Microsoft releases final version of Defender (Antispyware)

Microsoft released its final version of Windows Defender on Tuesday (Formerly known as Microsoft Antispyware). The last release was beta 2 in February. Since then about 30 million people have downloaded it.

It is a well polished product, and so far it has been great at removing most of the spyware that I have encountered. Now that it is an official full product, and no longer beta I am concerned that it could demolish other anti-spyware vendors like Ad-Aware and SpyBot

Windows Defender Full Version Released

If it comes down to only Microsoft as an anti-spyware vendor I feel that we will be back to square one. This is because the spammers, and spyware creators out there will only have one simple target to hit.

In addition to the software being free, Windows 2003 and XP users are entitled to two free support calls for Defender.

Not surprising, but the Defender is included with the Microsoft AntiVirus product Windows One Care. Now you can see why they want to lock out other vendors ;)

Download Windows Defender Here

Other excellent anti-spyware tools can be found here:

Ad-Aware by Lavasoft

SpyBot Search and Destroy


Posted By: Steve Wiseman on Thursday, October 26, 2006

Check out our utilities for windows

 



IE 7 breaks outlook hotmail integration

I admit it. I still have a hotmail account. I have had a hotmail account since they started way back in the day - before Microsoft had anything to do with it. They were one of the first web based free email sites on the internet.

For quite some time now I have been happily using hotmail within Microsoft Outlook. It makes it easier since I can bring all of my email accounts into the same program. That way I don't have to keep checking 3 different sites to see all of my new email.

Someone asked a question today in our discussion board about hotmail, and IE 7. The user installed IE 7, and now Outlook keeps asking for the password for hotmail - even when it is correct.

Ok. I decided to test this for myself. I got on one of my test systems and installed Microsoft Outlook, and the Hotmail account

IE 7 breaks outlook with hotmail accounts

Got it working smoothly, and then proceeded to install IE 7. After the reboot I launched Outlook and sure enough it was asking me for the password.

IE 7 causes outlook to ask for Hotmail password

Searched for quite some time through MS knowledge base and finally found KB 904942.

The frustrating part about this is that the only download they have is for the 64 bit version of Windows!

After searching the newsgroups and message boards I found out that this update can be installed via automatic update. You need to run automatic update, then pick the Software, Optional Updates setting on the left. Sure enough you will see it on the list:

IE7 breaks outlook with hotmail accounts

After installing the update Outlook worked perfectly again.

Update: Looks like another user answered the question while I was writing the article. Thanks Joshua!


Posted By: Steve Wiseman on Wednesday, October 25, 2006

Check out our utilities for windows

 



How to add your Hotmail account to Microsoft Outlook

Hotmail is one of the biggest free email providers on the internet. They were around way before gmail was even a thought in anyone's head. The one thing I notice is that when people start to use Microsoft Outlook they really miss its features when they use web based email.

Other free email providers like gmail provide a POP3 connection that allow programs like Microsoft Outlook receive mail from your free account. POP3 is a protocol that is widely supported by just about any email client on the net. I don't think Microsoft ever allowed this with Hotmail. It is clearly a marketing decision. Many people just stop there. It is easy to assume that if there is no POP3, there is no way to get the email from another program.

A part of that marketing strategy is a plugin within Microsoft Outlook that is specifically designed to allow you to access your hotmail account. It is really quite easy to add.

Open up Microsoft Outlook, and click on tools then E-Mail Accounts



In the email section of the displayed form, check the item that says "Add a new email account"



Click next. Now you are shown a list of account types:



Select the HTTP server type and click next again

Enter all of your account information. Make sure the HTTP Mail service provider is set to Hotmail, and fill out your hotmail email address, login, and password.



Click next and you are finished!

Now in Microsoft Outlook you will see a new item named Hotmail - that is where all of your Hotmail messages will be located.



That's all there is to it! Now you can easily read your Hotmail from Microsoft Outlook.


Posted By: Steve Wiseman on Thursday, October 12, 2006

Check out our utilities for windows

 



Disable automatic install of IE 7

Many administrators are going to be taken by surprise when they find out that IE 7 is going to be installed automatically via Windows Update.

There are considerable changes that could cause many headaches. Most administrators would prefer to decide when IE 7 is deployed on their network.

This is why microsoft has released the IE 7 blocking tool. It can be downloaded from here at Microsoft's website.

Once you download and extract the package you will see that it is a command line tool. You simply call the script with the computer name and /b





Alternatively you can simply create a registry key that will block the install. It is located under this key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\7.0

The key name is: DoNotAllowIE70

Setting this to 1 blocks the install, setting to 0 allows the install.

I for one hate messing around in the registry, and sometimes I don't want to use the command line - I want a nice GUI interface to make these types of changes. That is why we have created two more free tools to make the changes for you.

For changing the setting on remote machines:





You can download it here

And, finally if you need to just do it on your local system this will do the trick:





You can download it here

As always our tools have no spyware, no adware, and the programs can be run from a USB memory stick with no install!


Posted By: Steve Wiseman on Tuesday, October 10, 2006

Check out our utilities for windows

 



Update your Windows XP SP2 Serial number

I have many friends who are getting notifications like this from Microsoft:





Many times I would shake my head when they bought their machines from a corner computer store - that had photo-copied licenses keys included with the machine. It was pretty obvious that the serial numbers were pirated.

With the Genuine Advantage push by Microsoft I get a call from a different friend almost every weekend now asking me what it means - I tell them they need to go out and buy a copy of XP.

A friend called me this weekend. She needed my help since she had no idea how to update the serial number without reloading the entire OS.

I looked up one of my old articles that had a script for updating the Windows XP serial number. I tried it out.

Hmm. It came back with an error code.





After searching the net, I found that Microsoft no longer allows you to update the serial number using this script. Modifications made by Service Pack 2 render the old scripts useless. They now have a new program for updating the serial number:

It can be downloaded from here

What is good about this new way of updating the serial number is that it will check the system files for anything that is out of order. This is important because many cracked versions of XP will have hacked system files that will keep important updates from being applied.





Once it is finished it will ask you for the new Key:





Enter the key click finish and it will make the change and reboot. Now that the serial number is updated you will no longer receive the warnings from Microsoft, and updates will be properly applied.


Posted By: Steve Wiseman on Monday, October 09, 2006

Check out our utilities for windows

 



Why some shortcuts say "Publisher cannot be verified"

When service pack 2 came out for Windows XP, I was surprised with the following message when trying to launch applications from the desktop:

The publisher could not be verified. Are you sure you want to run this software?

It is the result of Microsoft trying to protect users from malicious programs. The message will appear for any shortcut or executable that is hosted on a network share.

The maddening part is when you try to find the answer to this problem. After lots of digging I discovered it is actually an Internet Explorer setting! Yep. Double click shortcuts on the desktop - bam IE settings take effect.

There are two ways to solve this problem. First you could disable the feature totally. If you open the local policy editor by running gpedit.msc at the run window. Dig down to: User Configuration\Administrative Templates\Windows Components\Attachment Manager\Inclusion List For Low File Types

Enable it, and add .exe to the list

There is a big security issue with this. Internet Explorer uses these same settings. By changing it you are keeping IE from warning users about running EXE files. It is unfortunate that Microsoft decided to integrate the setting in this way.

The next way I will show you is the preferred way.

First, determine what server the shortcut is hosted on. For our example we will allow only shortcuts that are pointing to server1 to be launched without the warning.

Open Internet Explorer.

Click on tools, then Internet Options. Click on the security tab.

Once you are on this tab. Make sure you first click "Local Intranet", and then the "Sites" button should light up. Click it.

Unknown Publisher Fix - Internet Explorer Settings

On the form that is displayed, click advanced

Unknown Publisher Fix - Internet Explorer Settings

You will be shown a list of sites that are in the "Local Intranet"

To add your server to the list. Type file://server where 'server' is the name of your server. We will put server1 here

Unknown Publisher Fix - Internet Explorer Settings

Click on Add.

Click OK, on the rest of the dialogs to get out of the settings for Internet Explorer.

Now we can create shortcuts that point to that server, and no "Publisher cannot be verified" dialogs will be shown.


Posted By: Steve Wiseman on Tuesday, October 03, 2006

Check out our utilities for windows

 
Home|Downloads|Products|Blog
Copyright © IntelliAdmin, LLC, 2008. All Rights Reserved
Privacy Policy