Forefront TMG Editions

Forefront TMG Editions:

Forefront TMG is available in Standard Edition and Enterprise Edition.
Although the deployment needs of the network infrastructure are different, both editions include the same features and have the same protection and access control capabilities.
The following table compares and contrasts the features of the two editions in Forefront TMG.
Standard Edition
Enterprise Edition
Supported deployment scenarios
Standalone server
Server in a standalone array
Server in an array managed by EMS
Up to 4 CPU’s
Supports remote management of firewall policies and configuration settings.
Array/NLB/CARP support
You can only have one server in an array.
Enterprise Management
Yes, with the added ability to manage Standard Editions.
VPN support
Forward proxy/cache compression
Network IPS (NIS)
E-mail Protection
Requires Exchange license
Requires Exchange license
Web Protection
Requires subscription
Requires subscription

Forefront 2010 Licensing Overview

Forefront Threat Management Gateway 2010
The Forefront TMG solution includes two separately licensed elements:
· Forefront TMG 2010* Server provides URL filtering, anti-malware inspection, intrusion prevention, application- and network layer firewall, and HTTP/HTTPS inspection in a single solution.
· Forefront TMG Web Protection Service provides continuous updates for malware filtering and access to cloud-based URL filtering to protect against the latest Web threats.

* Forefront TMG 2010 is licensed under the processor licensing model, with a license required for each physical or virtual processor accessed by an operating system environment running a TMG Server. This license does not require any device or user CALs
Forefront TMG 2010 Enterprise Edition and Standard Edition are offered in the following Microsoft licensing programs:
· Enterprise Agreement
· Enterprise Agreement Subscription
· Select
· Academic and Government Select
· ISV Royalty
· Open
· Open Value
· Open Value Subscription
· Service Provider License Agreement (SPLA)
· Campus and School Agreement

* Forefront TMG Standard Edition is also available in Full Packaged Product (FPP) for retail sale through distributors.

Forefront TMG Web Protection Service is a subscription product licensed per user or per device. It is offered as a stand-alone product cor as part of the Enterprise CAL Suite or Forefront Protection Suite. TMG Web Protection Service is available in the same Microsoft licensing programs as Forefront TMG 2010, except for the following:
· ISV Royalty
· Open


* All prices reflect pricing for purchases in the United States and Canada and appear in US dollars. The prices listed are estimated retail prices; reseller pricing may vary.

Required Software

* All prices reflect pricing for purchases in the United States and Canada and appear in US dollars. The prices listed are estimated retail prices; reseller pricing may vary.

Forefront Unified Access Gateway 2010
Forefront Unified Access Gateway 2010 is licensed through Microsoft Volume Licensing (MVLS) and requires:
· A server license, available either through an OEM appliance or as software. It gives the license holder the right to install and use the server software.
· A Client Access License (CAL) for each named or authenticated device or user that accesses a system running Unified Access Gateway. A Device CAL grants the right for one device (accessed by any user) to access the Unified Access Gateway server software. A User CAL permits one user (using any device) to access the server software.
· An optional external connector license is also available to enable external parties to access the network. Customers have the choice to license an external connector for each Unified Access Gateway Server that those external users will access, or to license a Unified Access Gateway CAL for each external user.
Customers can license Unified Access Gateway as part of the following Microsoft licensing programs:
· Enterprise Agreement
· Enterprise Agreement Subscription
· Select
· Select Plus
· Open
· Open Value
· Open Value Subscription
· Service Provider License Agreement (SPLA)
· Campus and School Agreements
· US Government

Purchasing Options
Customers can buy Unified Access Gateway server licenses:
· Through OEM partners if they want to buy Unified Access Gateway as a physical appliance. This includes the underlying Windows Server 2008 R2 license.
· From Microsoft Volume Licensing. These options require provisioning the license from a customer’s existing agreement. Appliances are available from Microsoft partner hardware vendors


Unified Access Gateway Client Access Licenses
Product Licenses Price Description

Other Licenses

* UAG CALs will be added to the Enterprise CAL starting in spring 2010


Lync Server 2010 Licensing

Lync Server 2010 Licensing

Lync Server 2010 follows the Server/Client Access License (CAL) model. Under this model, a Lync Server 2010 license is required for each operating system environment running Lync Server 2010. A CAL is required for each user or device accessing the Lync Server. You can acquire Lync Server 2010 CAL as standalone servers and Client Access licenses (CAL) or you can purchase the CALs as part of the Microsoft Enterprise CAL (ECAL) Suite. Lync 2010 is the client software used to interact with the Lync Server 2010 Server and is licensed separately as a standalone license, or available via Office Professional Plus 2010.

Lync Server 2010

  • Lync Server 2010 Standard Edition :
    Standard Edition requires that primary server components, as well as the database for storing user and conference information, be configured on a single computer. Standard Edition is recommended for organizations that do not require higher availability through load balancing.
  • Lync Server 2010 Enterprise Edition :
    Enterprise Edition enables separation of server functionality and data storage to achieve higher capacity and availability. Enterprise Edition is recommended for organizations that require higher availability through load balancing.

Lync CAL Offerings

  • Lync Server 2010 Standard CAL
  • Lync Server 2010 Enterprise CAL
  • Lync Server 2010 Plus CAL

Move the ost-file

I’m running out of disk space on my main drive and noticed that my ost-file was really big. I know how to move pst-files, but that method does not seem to apply to ost-files.

How can I move my ost-file to another location?

Moving an ost-file to another location is indeed a bit more trickier than moving an pst-file. While it is recommended to leave the ost-file in its default location, there are still valid reasons for moving it to another location like for instance when using a smaller Solid-state Drive (SSD) as your main disk.

  1. Close Outlook.
  2. Copy the ost-file to the location where you want it to go.
    The defaults location for the ost-file is;

    • Windows Vista and Windows 7
    • Windows XP
      C:Documents and Settings%username%Local SettingsApplication DataMicrosoftOutlook
  3. Use the Mail applet in Control Panel to open your E-mail Account settings.
  4. Double click on the Exchange server account and choose More Settings…
  5. Select the Advanced tab.
  6. Disable the option; Use Cached Exchange Mode.
  7. Press Apply.
  8. Press the button; Offline Folders File Settings…
  9. Press the button; Disable Offline Use
  10. Press OK on the warning dialog that pops-up.
  11. Press again on the button; Offline Folders File Settings…
  12. Now browse to the new location of the ost-file.
  13. Press OK to return to the Advanced tab.
  14. Enable the option again for Use Cached Exchange Mode.
  15. Close all open dialogs and rename the ost-file in the old location from .ost to .old
  16. Start Outlook.

Outlook will now use the ost-file from the new location and you can safely delete the ost-file from your main disk.

Offline Folder File Settings
It takes some clicking to make the ost-file location field editable.

Note: Don’t place the ost-file on a network share. This is unsupported and it would defeat the purpose of enabling Cached Exchange Mode. The ost-file should reside on an internal drive.

courtesy :

Install Self Signed Exchange 2010 SSL certificate

For my example, my domains are…

Local domain: vcp.local
Outside domain:

#NETBIOS name of Client Access exchange server:        vcpsydex01
#Internal FQDN (AD name):        vcpsydex01.vcp.local
#External FQDN (Public name):
#Autodiscover name:  

Run the following command on the Client Access Server for generating the new Self-Signed SSL cert using the names listed above:

New-ExchangeCertificate -FriendlyName “SelfSigned Cert” -SubjectName “” -DomainName vcpsydex01,vcpsydex01.vcp.local,, -PrivateKeyExportable $True

Prior to Windows Vista SP1, the Windows RPC/HTTP client-side component required that the Subject Name (aka Common Name) on the certificate match the “Certificate Principal Name” configured for the Outlook Anywhere connection in the Outlook profile. Therefore, as a best practice, you should ensure that is listed as the Subject Name in your certificate unless you plan on changing the configuration which can be achieved by using the Set-OutlookProvider cmdlet with the -EXPR parameter as described in

Open IIS on the Exchange Server and tell it to use this certificate.

  1. Click on the Default Web Site
  2. Click Bindings on the right
  3. Select HTTPS, and choose edit
  4. Under SSL certificate, click the drop down list and choose your certificate that you created earlier.
  5. You need to setup the following external DNS entries 1. 2., these need to point to the external IP address of your Exchange CAS server.
    The next few steps are to install the certificate to the Clients.
  6. From Internet Explorer, navigate to the website of your OWA, Click on Certificate Error, then click View certificates.
  7. Click Install Certificate
  8. Click Next
  9. Select the second option
  10. Select the box Show Physical Stores, Under Trusted Root Certification Authorities, select Registry and click OK

    Please note, you will need to repeat this step again and choose Local Computer. 

  11. Click Finish
  12. Select Yes. Close and re-open Internet Explorer.
  13. Close and restart Internet Explorer.

For more information, please refer to

Configure an SSL Certificate for Exchange Server 2010

Exchange Server 2010 like its predecessor Exchange Server 2007 makes heavy use of SSL certificates for various communications protocols. When you install a new Exchange server is comes pre-configured with a self-signed certificate. Before putting a new server into production you should create and assign a new SSL cert for the server.
In this example an SSL cert is being configured for the contoso.local organzation.

Generate a New Exchange Server 2010 Certificate

In the Exchange Management Console navigate to Server Configuration. Right-click the server and choose New Exchange Certificate.

Enter a friendly name for the new cert. In this example I have named it “Contoso Exchange Server”.

Although wildcard certificates are supported in Exchange Server 2010 it is recommended to use a SAN (Subject Alternative Name) cert instead.

Next we can configure the names for each of the Exchange 2010 services that are secured with the SSL certificate.

First is the Outlook Web App service. Enter the internal and external names of Outlook Web App. In this example I am using “ex2010.contoso.local” for internal, and “mail.contoso.local” for external.

Next configure the ActiveSync domain name. For ease of administration and configuration I am using the same name as for Outlook Web App.

Next are the Web Services, Outlook Anywhere ( and Autodiscover names. Once again I am using the same name of “mail.contoso.local”. For Autodiscover the additional names of “autodiscover.contoso.local” and “autodiscover.xyzimports.local” are also configured, for each of the accepted email domains in this example organization.

The Hub Transport server also requires SSL for secure SMTP communications. In this example I am using the name “mail.contoso.local”.

A legacy name for co-existence is required if you are planning to gradually transition services and data from Exchange 2003 to Exchange 2010. Configure legacy names for each of the namespaces in the organization, in this example “legacy.contoso.local” and “legacy.xyzimports.local”.

When all of the services have been configured proceed to the next step of the New Exchange Certificate wizard.

Confirm that all of the required names have been included in the cert request. You can add any additional names at this stage before proceeding.

Next configure the organization and location information for the certificate, and choose a location to generate the request file.

When you have finished filling out the wizard click the New button to generate the cert request file.

Confirm that the request file was successfully generated.

You will notice that the wizard makes a recommendation as to the type of certificate that is required for your Exchange organization. In most cases a “Unified Communications certificate” will be necessary, which is basically another name for a SAN certificate.

Although you can issue the certificate from a private Certificate Authority it is recommended to use acommercial Certificate Authority such as Digicert.

After you have acquired the new certificate return to the Exchange Management Console, navigate to Server Configuration, right-click the server and choose Complete Pending Request.

Browse to the location of the file you downloaded from the CA and complete the wizard. Confirm that the new SSL certificate was imported successfully.

The new certificate now appears in the list of valid certificates for the server.

Assign the New Certificate to Exchange Server 2010

With the valid SSL certificate installed it is now time to assign it to the Exchange Server 2010 services. Right-click the new certificate and choose “Assign Services to Certificate”.

Choose the new Exchange server and click the Next button.

Choose the services to assign to the certificate. In this example the IIS and SMTP services are being assigned.

Complete the wizard to assign the services to the new SSL certificate. You will be prompted to overwrite the existing self-signed certificate, so choose Yes to that prompt.

How to Add the Partner of Record (POR) to an Office 365 Account

Below is the step to Add the Partner of Record (POR) to an Office 365 Account

1. First you will need to login to your Office 365 Admin Control Panel.

2. Click on Admin

3. Click on the Manage

4. Click on the office 365 product you have purchased.

5. Click add partner

6. Enter in our Microsoft Partner ID number : 2047350 and click on “Check ID” Please remember that you have to sign the Microsoft Online Services Partner Agreement before proceeding.

7. Once our ID has been found, click on “OK.”

8. You will see “Comprompt Solutions” below partner Name

77 Windows 7 Tips


77 Windows 7 Tips


Edited by Keith Ward


At a Glance:

  • Make Windows 7 faster
  • Get more done with Windows 7
  • The best Windows 7 shortcuts
  • Securing Windows 7


Windows 7 may be Microsoft’s most anticipated product ever. It builds on Windows Vista’s positives, and eliminates many of that OS’s negatives. It adds new functionality, too—all in a package that is less resource-hungry than its predecessor.

And whether or not you’re upgrading from Vista or skipping it altogether and moving up from Windows XP, you’ll need to know how to make the most of it in your environment. Here are 77 tips and tricks to get you there.

1. Pick Your Edition. Most business users do not need the more expensive Ultimate Edition; stick with Professional unless you specifically need BitLocker.

2. Upgrading? Go 64-bit. As the second major Windows release to fully support 64-bit, the x64 architecture has definitely arrived on the desktop. Don’t buy new 32-bit hardware unless it’s a netbook.

3. Use Windows XP Mode. Yes, it’s only an embedded Virtual PC with a full copy of WinXP—but it’s an embedded Virtual PC with a full copy of Windows XP! This is the first profoundly intelligent use of desktop virtualization we’ve seen—and a great way to move to Windows 7 without giving up full Windows XP compatibility.

4. Use Windows PowerShell v2. More than just a shell, this is the administration tool you’ve always wanted: Parallel, distributed processing for administrative tasks! Manage 100 machines literally as easily as you manage one with the new Remoting feature. Windows PowerShell v2 ships for the first time in Windows 7, and within six months will be available for older versions of Windows.

5. Use AppLocker. We’ve been fans of Software Restriction Policies since Windows XP, and AppLocker finally makes application whitelisting possible. Use it to enhance or even replace your anti-virus software, ensuring that only the software you want to run will run.

6. Shift to and from Explorer and CommandPrompt. The classic Windows power toy Open Command Prompt Here is now an integral part of Windows 7 Explorer. Hold down the shift key then right-click a folder to add this option to the property menu. While you’re in a command prompt, if you want to open an Explorer window with the focus of the window on the current directory, enter start.

7. Record Problems. The Problem Steps Recorder (PSR) is a great new feature that helps in troubleshooting a system (see Figure 1). At times, Remote Assistance may not be possible. However, if a person types psr in their Instant Search, it will launch the recorder. Now they can perform the actions needed to recreate the problem and each click will record the screen and the step. They can even add comments. Once complete, the PSR compiles the whole thing into an MHTML file and zips it up so that it can be e-mailed for analysis to the network admin (or family problem solver, depending on how it’s being used).




Figure 1 The Problem Steps Recorder dramatically speeds up troubleshooting. (Click the image for a larger view)

8. Make Training Videos. Use a tool like Camtasia to record short, two to three minute video tutorials to help your users find relocated features, operate the new Taskbar and so forth. Get them excited about Windows 7—and prepared for it.

9. Start Thinking About Windows Server 2008 R2. Some of Windows 7’s more compelling features, like BranchCache, work in conjunction with the new server OS. The R2 upgrade path is pretty straightforward, so there’s little reason not to take advantage of the synergies if you can afford upgrade licenses.

10. Prepare Those XP Machines. There’s no in-place upgrade from Windows XP to Windows 7, so start planning to migrate user data now, in advance of a Windows 7 upgrade deployment.

11. Consider Clean Installs. Even when upgrading Windows Vista machines, consider a clean install rather than an in-place upgrade. Yes, it’s more hassle, but it’ll produce a more trouble-free computer in the long run.

12. Consider Upgrade Assurance. Even if you’ve never bought it before, consider it for your new Windows 7 licenses. Access to the Microsoft Desktop Optimization Pack (MDOP), which includes App-V, MED-V and other cool technologies, is worth the premium.

13. Find New Tools. Within Control Panel is a single Troubleshooting link that leads you to all of your diagnostic tools on the system. There are additional tools, however, not installed by default. Selecting the “View all” link in the top left-hand corner will help you to see which troubleshooting packs are local and which ones are online. If you find a tool that you don’t have, you can grab it from here.

14. Understand Virtual Desktop Infrastructure (VDI). Windows 7 plays an important role in Microsoft’s VDI strategy, where virtualized Windows 7 machines are hosted on a central virtualization server using a special blanket “Enterprise Centralized Desktop” license. Read up and figure out if you can take advantage of this new strategy.

15. Prepare for DirectAccess. DirectAccess makes it easier for users to remotely access their office-based resources, without a VPN. DirectAccess also opens up remote computers more fully to Group Policy—but it requires Windows 7 and Windows 2008 R2.

16. Employ Deployment Image Servicing and Management (DISM). If you quickly want to list or manage Windows packages, features or drivers, use the command-line utility DISM. The “image” in the name may fool you into thinking that this is solely a deployment tool. An online command-line switch lets you manage the features in the currently loaded OS. To get a list of the loaded Windows features, enter dism /online /get-features /format:table. To enable a feature, enter dism /online /enable-feature /featurename:<name>.

17. Embrace Troubleshooting Packs. Designed to help users troubleshoot and solve problems on their own, you need to update your support procedures to acknowledge these Packs. For example, don’t force users to repeat steps the Pack already walked them through, and consider developing your own Packs (in Windows PowerShell) to support in-house systems.

18. Check Reliability. The Reliability Monitor was introduced in Windows Vista as ‘The Reliability and Performance Monitor.” In Windows 7 it has been separated from Performance Monitor and moved to a new location under the Action Center. You open the Action Center in Control Panel and then look under the Maintenance options for the “View reliability history” link. You can also just type in Reliability Monitor from the Instant Search (see Figure 2).









Figure 2 The Reliability Monitor has been broken out separately from Performance Monitor. (Click the image for a larger view)

19. Accept Diversity. Not every organization will be ready to move entirely to Windows 7 right away. That’s fine—but that shouldn’t mean the entire organization stays on Windows XP, either. The myths of the cost savings of having only one OS have been largely disproven or downplayed, so use Windows 7 where it makes sense to do so.

20. Get Snippy. The snipping tool has also been around in various incarnations but it’s even easier to use in Windows 7. Launch the tool, then drag and drop any part of your screen. The tool will snip the selection. You can save it as a graphic file or annotate with basic drawing tools. Teach your end users how to use this tool so they can grab the snapshots of their problems and send them to the help desk. Or create your own library of visual notes.

21. Presentation Nirvana. Press Windows+P to access the new Presentation mode, and easily turn on your projector and laptop screen at the same time. No more messing with vendor-specific utilities and arcane keystrokes. (Windows+X accesses the Mobility Center, with additional presentation options.)

22. Cut the Clutter. Press Windows+Home to minimize all but the current window, removing background clutter and letting you focus on that report your boss has been bugging you about.

23. Be a Mouse-Click Administrator. Windows 7 makes it easy to gain admin rights with a keyboard shortcut. Click on Ctrl+Shift on a taskbar-locked icon, and voila! You’ve launched it with appropriate admin rights.

24. Faster Installations. If your computer is capable of booting from USB, try this: XCopy the Windows 7 installation DVD to a sufficiently large USB drive, boot from that drive, and install Windows from there. It’s faster than a spinning platter.

25. Burn Discs with a Click. Or two; double-click an ISO file to burn it to your CD or DVD writer.

26. Restore Point Previews Many of us used to shut off System Restore because we were terrified to actually use it; under Windows 7, we can be much calmer. After selecting a Restore Point, Windows will now offer to show you which files and folders will be affected by restoring to that point.

27. Sync Time Zones. If you work with offices in different time zones and frequently find yourself missing meeting times because you are not in sync with their time zone, try the “Additional Clocks” feature that was first introduced in Vista. Within your Date and Time settings is a tab called Additional Clocks, where you can add two or more clocks to your taskbar time, and set them to provide different time zones from your current time zone.

28. Configure User Account Control (UAC). Even if you’re a UAC hater, give it another try. Go to the Control Panel to configure its behavior to something slightly less obnoxious than what Windows Vista had, and see if you can’t live with the extra protection it offers (see Figure 3).











Figure 3 User Account Control, the bane of administrators, has been revamped and improved. (Click the image for a larger view)

29. RoboCopyCopyCopy. The always-useful Robocopy.exe can now run multi-threaded; run Robocopy /? to review its new parameters (like /MT for multithreading) and make your copies go faster.

30. Remote Desktop Console. Windows 7 Remote Server Administration Tools (RSAT) does not include a console-based remote desktop utility. And even if it did, the standard remote desktop console has some nagging limitations: It can’t move connections around in the list; it can’t sort by folders and so forth. If you manage lots of servers from your Windows 7 workstation, try downloading a copy of mRemote from This donation-requested utility allows you to mix together a variety of remote control applications, including Citrix Independent Computing Architecture (ICA), Microsoft Remote Desktop Protocol (RDP), Virtual Network Computing (VNC), Secure Shell (SSH) and rlogin. All host names are displayed in a standard tree control that can be divided into folders, sorted alphabetically, and allow you to assign different logon accounts and secure passwords to each connection.

31. Multiple Monitors. Windows 7 makes working with multiple monitors intuitive and flexible. There are a variety of shortcuts and mouse motions that flick windows from monitor to monitor. To make the most of this, you need lots and lots of screen real estate. Try one of the new QWXGA monitors from Samsung ( or Dell ( These 23-inch monitors have a 2048×1152 resolution, making it possible to put two full-sized pages on the same monitor. Pair them together and you’ll get enough space to have all your admin tools open along with Office, Visio, your intranet sites and a little note to your mom in Live Mail. Move your taskbar to the left or right side of the window instead of along the bottom to free up even more real estate.

32. Windows PowerShell Scripting. If you want to make the most of Windows PowerShell on Windows 7, you’ll need a quick way to build and debug scripts. Windows 7 comes with an interactive editor that allows you to try out cmdlets and test functions on the fly.

33. Drag-and-Drop Notification Icons. The redesigned notification area displays only a minimum number of icons; all other notification icons are moved to a side window. Rather than using the Customize option to select icons for the main display, you can drag-and-drop icons from the side window to the notification area.

34. Add Unindexed Shared Folders to Library. You can add UNC paths such as \servernamesharename to a Library, but the server must index the folder. If you want to add a UNC path to an unindexed server, you can create a symbolic link to the UNC path, then add the link or links to the library. Use the mklink command. For example, mklink HomeFolder \ServerNameHomefolder.

35. Simplify Cloned Machine Setups. You can’t run Sysinternals’ newsid utility to change the identity of a cloned Windows 7 machine (either a virtual machine or imaged PC). Instead, create a template installation then run sysprep /oobe /generalize /reboot /shutdown /unattend:scriptfile. Clone or copy this virtual machine file. When it launches, it will get a new SID and you can fill in the name. The reference for building unattended script files is at

36. Snap That Aero. The Windows key is great for all your shortcuts. Now you can use it to work with the new AeroSnap feature in Windows 7. Select a window, hit the Windows key and a left or right arrow to snap the window to that half of the screen, or use the up arrow to snap it to the top of the screen.

37. Shortcut the Taskbar. The Windows key is great for shortcuts. You can select the Windows key and a number to correspond to items on your taskbar. So, if IE (for example) is the third icon on your taskbar (not counting the Start button), you can hit the Windows key and the number three to launch or open IE.

38. Manage Passwords. Control Panel includes a new application called Credential Manager. This may appear to be a completely new tool that allows you to save your credentials (usernames and passwords) for Web sites you log into and other resources you connect to (such as other systems). Those credentials are saved in the Windows Vault, which can be backed up and restored. However, you might see this as similar to a tool we have in XP and Vista. From the Instant Search, type in control /userpasswords2 and you will be brought to the Advanced User Accounts Control Panel, where you can also manage passwords for your account (see Figure 4).










Figure 4 The Credential Manager provides a handy, secure place to store passwords. (Click the image for a larger view)

39. Trigger Actions. Event Viewer is closely tied into Task Scheduler. You have the ability to take an event (select it in Event Viewer) and then from the Actions pane, select the option “Attach a Task” to have that event, when it appears, trigger an action. That action can be: launch a program; send an e-mail; or display a message. This feature may be very helpful in troubleshooting a problem.

40. Browse InPrivate. A new feature in IE8 is the ability to open the browser in an InPrivate Browsing session that allows you to perform banking and so forth from a public location without fear of leaving behind any residue. IE will not retain anything you do in an In­Private Browsing session. You can perform this action if you are already within IE by selecting the Safety button and then InPrivate Browsing. This will open another IE window altogether. However, you can save a few steps by using the shortcut. Right-click the desktop IE icon, click InPrivate and the windows will open in an InPrivate session already.

41. Go Live. Many applications installed on past versions of Windows have been removed. Starting with Windows 7, these applications (and a few others not typically installed with Windows) have been moved into the Live Essentials downloadable applications, at These applications include Messenger, Mail, Writer, Photo Gallery, Movie Maker, Family Safety and a few others.

42. Remove Apps. Although some applications have been moved off of Windows to become an optional download, other apps, such as IE8, Media Player, Media Center and DVD Maker are still included. In times past, especially when it came to IE, the applications were tied into the OS. However, in Windows 7 you can easily remove them if desired. Head to the Program and Features applet in Control Panel and select the “Turn Windows features on or off” link in the top left-hand corner. Then you can select the checkbox of the features you want to lose or add for your system (see Figure 5).

















Figure 5 Windows 7 unbinds many applications from the OS, making it easy to add and remove them. (Click the image for a larger view)

43. Are You Windows 7 Experienced? System properties has a rating called the Windows Experience Index (WEI). This rating is a collection of five different ratings that are determined by the Windows System Assessment Tool (WinSAT). The highest rating score is 7.9 (compared to 5.9 in Vista), using the categories of Processor, RAM, Graphics, Gaming Graphics and Primary Hard Disk. The final rating is not an average of all the ratings, but the lowest of the subcomponent scores.

44. Analyze Processes. One of the coolest new features in the revamped Resource Monitor (resmon) is the ability to see the “wait chain traversal.” An unresponsive process will be shown in red in the Resource Monitor; right-click the process and choose Analyze Process. This will show the threads in the process and see who holds the resources that are holding up the process itself. You can then kill that part of the process if you like.

45. Create Virtual Worlds. Virtualization capability has been added to the Disk Management tools. If you open Computer Management, go to the Disk Manager tool and then click the Action button at top, you will see the options Create VHD and/or Attach VHD. This allows you to create and mount a virtual hard drive directly from within the GUI. Note: With Windows 7 you even have the ability to boot a Windows 7 VHD (see Figure 6).














Figure 6 Windows 7 adds a great deal of virtualization support, including the ability to create and attach virtual hard drives from the GUI. (Click the image for a larger view)

46. Encrypt USB Sticks. Use BitLocker To Go. Maybe you’ve managed to never misplace or lose a USB key, but for the rest of us mere mortals, it’s a fact of life. Most of the time it’s no big deal, but what if it contains sensitive data? BitLocker To Go enables you to encrypt data on removable storage devices with a password or a digital certificate stored on a smart card.

The 14 Best Windows 7 Keyboard Shortcuts

The Windows key now performs a wide variety of functions. Here are a handful of the most useful ones:

64. Win+h – Move current window to full screen

65. Win+i – Restore current full screen window to normal size or minimize current window if not full screen

66. Win+Shift+arrow – Move current window to alternate screen

67. Win+D – Minimize all windows and show the desktop

68. Win+E – Launch Explorer with Computer as the focus

69. Win+F – Launch a search window

70. Win+G – Cycle through gadgets

71. Win+L – Lock the desktop

72. Win+M – Minimize the current window

73. Win+R – Open the Run window

74. Win+T – Cycle through task bar opening Aero Peek for each running item

75. Win+U – Open the Ease of Use center

76. Win+Space – Aero Peek the desktop

77. Ctrl+Win+Tab – Open persistent task selection window, roll mouse over each icon to preview item and minimize others

47. Lock with Group Policy. Take control through AppLocker application control. AppLocker intercepts kernel calls that try to create new processes or load libraries and ensures the code is allowed to execute. Practically, that means you can eliminate unknown and unwanted software by implementing AppLocker through Group Policy.

48. Be Our Guest. Guest mode proves a convenient method to give a guest or child access to your computer with limits on making system changes, installing software, or writing to the disk outside the user profile. After the user is done and logs off, data saved inside of the user profile is deleted. You cannot use Guest mode in an AD environment.

49. Restore from Backed up Restore Points. You can choose to include restore points in your backups and restore from them when using System Restore. This is convenient if you want to create a baseline of a working configuration and be able to restore to it in the future without overwriting other data on the hard disk.

50. Benefit from BranchCache. BranchCache helps you save on round trips for requested files in remote branch scenarios. If one person requests a file over the WAN, it’s cached locally and either distributed across computers at the remote branch or stored on a central server at the remote branch.

51. Disable Search Suggestion Popups. As you type in the Search Box, Windows 7 makes suggestions based on past queries by pulling past queries from the Registry. You can disable this in the Local Group Policy by enabling User Configuration | Administrative Templates | Windows Components | Windows Explorer | Turn Off Display Of Recent Search Entries In the Windows Explorer.

52. Pin Control Panel to Taskbar. If you use the Control Panel frequently, you may have noticed that you cannot simply right-click the Control Panel and select Pin to Taskbar. Instead, you must first Open Control Panel so its icon appears in the taskbar. From there, you can right-click the icon in the taskbar and select Pin this program to taskbar.

53. Leverage Search Connectors. You can now search the Web using the search functionality. Windows 7 includes Federated Search to increase the search scope beyond the local and network resources. Several search connectors are available, such as for YouTube and Twitter, or you can create custom ones to fit your needs.

54. Use Stickier Notes. Even though this feature has existed in previous versions of Windows in one form or another, it’s much easier to use in Windows 7. You can stick a note on your desktop for quick reminders. It’s a snap to change the font or note color. If you have a note selected, use Ctrl-N to create a new one.

55. Try out Improved WordPad. You probably haven’t given much thought to WordPad lately, but the version shipping with Windows 7 has undergone a major renovation. Think of it as a lite version of Microsoft Word. WordPad sports a spiffy ribbon interface, making it a snap to create well-formatted documents. Plus, you are no longer relegated to saving them as .RTF files. WordPad now supports the Office Open XML document (.DOCX) format. This makes it even easier to open .DOCX files created in Word in WordPad.

56. Calculate. Another basic utility that received a major overhaul is the venerable calculator. In addition to standard and scientific views, there are now programmer and statistic modes. You will also love the conversion and calculation features. Want to convert Celsius to Fahrenheit but can never remember the formula? Use the conversion panel. You’ll also enjoy the data calculation extension. Quickly find the difference between two dates or calculate a new date by adding or subtracting years, months or days.

57. Manage Services
from Task Manager. The Windows 7 Task Manager now includes a tab to manage services. You can quickly see at a glance the status of all services on your machine. Click a column heading to sort. You can even start and stop services with a simple right-click. If you need full-blown service management, use the Services button to launch the Services management console. You may often have the Task Manager running in the system tray; now, having service management access means one less window to have open.

58. Get Under the Hood. Windows 7 offers more ways to peek under the hood without adding third-party solutions. A terrific example is the Resource Monitor. The performance tab in Windows Task Manager is a good start, but sometimes you need more information. Click the Resource Monitor button to get more detailed information and performance graphs for key subsystems like CPU and Disk. You can also find the Resource Monitor under Accessories | System Tools.

59. Check Vital Signs. Another new system tool you’ll enjoy is the System Health report. In the Run dialog box, type perfmon /report, which generates a system health report. This report records details about your computer’s performance, resource usage and more. The report also includes diagnostic information about things that aren’t working as they should and suggested steps to resolve. The reports are saved and can be accessed with the Performance Monitor management console. You can also save as an HTML file or send via e-mail.

60. Get More Windows PowerShell. Windows PowerShell v2 promises to be a game-changer for many system administrators. Many will prefer to use the graphical Windows PowerShell console, also known as the Integrated Scripting Environment (ISE). You’ll find this in the Windows Power­Shell folder under Accessories. Add a keyboard shortcut of Ctrl+Alt+I to quickly launch it. Run any Windows PowerShell command in the lower panel and see the results in the middle. Create or edit scripts in the top pane. Open multiple Windows PowerShell sessions connected to remote computers. The ISE makes Windows PowerShell v2 easy to use and fun (see Figure 7).










Figure 7 Windows PowerShell has been much more tightly integrated with Windows 7, and adds the Integrated Scripting Environment. (Click the image for a larger view)

61. Put It on Old Stuff. One perhaps-not-so-obvious Windows 7 tip is that you should attempt to install it everywhere. One user has a 6-year-old laptop that originally shipped with Windows XP. He could never get Windows Vista to install on it. But Windows 7 installed without complaint and runs extremely smooth. Granted, there are some Windows 7 features he can’t take advantage of because the processor lacks certain features, but these are minor issues considering the laptop now has life again.

62. Improve Security. In Vista it was difficult to manage system protection via restore points. The System Protection tab in Windows 7 is a vast improvement. In one spot you can configure how much space to devote to restore points, delete and create restore points or even turn off system protection altogether. This is very useful on older systems where disk space may be at a premium.

63. Actually Use Help and Support. Much of Vista’s clutter has been reduced in Windows 7. For instance, the Help and Support page has three links, a search window and a link back to Microsoft’s Windows site. It’s much less intimidating for end users, so make sure they know about it. Search is much improved as well, making for a better, faster experience.


A number of writers contributed to this article. They include:

Bill Boswell is a Senior Consultant in Microsoft Consulting Services, Desert Mountain region.

Pav Cherny is an IT expert and author specializing in Microsoft technologies for collaboration and unified communication. His publications include white papers, product manuals, and books with a focus on IT operations and system administration. Cherny is President of Biblioso Corp, a company that specializes in managed documentation and localization services.

Don Jones is a co-founder of, where he contributes daily technical education articles on Windows, Windows PowerShell, SQL Server, and other Microsoft and related technologies. You can reach him through the Web site.

J. Peter Bruzzese, Triple-MCSE, MCT, MCITP: Messaging, is the co-founder of ClipTraining, a provider of task-based screencast training with a proprietary corporate Learning Management Solution (LMS) CT LMS 5.0. He’s the author of “Microsoft Windows 7 Unveiled” (Que, 2009). He can be reached at

Jeffery Hicks (MCSE,MCSA,MCT) is an independent author, trainer, consultant and a Microsoft MVP for Windows PowerShell. He is the co-author and author of several scripting-related books and perhaps best known for his Mr. Roboto and Prof. PowerShell columns. Follow Hicks at and


Courtesy :-




DNSChanger Trojan infected machine internet not access.

DNSChanger Trojan No Internet Access on March 8

Today I Have Read News on Our Local News Paper no Internet Access on March 8. Every Time that Newspaper Title is shocked but inside story is so far then the Title but Today I have Read DNSChanger Virus/ Malware and I’m Search About this is a DNS Changer

I’m Shocked When Read one Famous Security Expert Brian Krebs say about this DNS Changer remains on computers at 50% of Fortune 500 companies, and on PCs at nearly 50% of all federal government agencies.

What is a DNS?

DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. When you enter a domain name, such as, in your web browser address bar, your computer contacts DNS servers to determine the IP address for the website. Your computer then uses this IP address to locate and connect to the website. DNS servers are operated by your Internet service provider (ISP) and are included in your computer’s network configuration. DNS and DNS Servers are a critical component of your computer’s operating environment—without them, you would not be able to access websites, send e-mail, or use any other Internet services.

What is this DNSChanger Trojan?

Criminals have learned that if they can control a user’s DNS servers, they can control what sites the user connects to on the Internet. By controlling DNS, a criminal can get an unsuspecting user to connect to a fraudulent website or to interfere with that user’s online web browsing. One way criminals do this is by infecting computers with a class of malicious software (malware) called DNSChanger. In this scenario, the criminal uses the malware to change the user’s DNS server settings to replace the ISP’s good DNS servers with bad DNS servers operated by the criminal. A bad DNS server operated by a criminal is referred to as a rogue DNS server.

This Trojan is Modify Windows Hosts file to map specific domain names to specific IP addresses and Modify Windows registry settings to reference specific (rogue) DNS servers. Once infected by the DNSChanger Trojan, however, websites entered into Internet browsers were hijacked to malicious servers and, in turn, directed the user to an unintended, fraudulent site

The DNSChanger Trojan Horse, also known as OSX.RSPlug.A and OSXPuper, and OSXJahlav-C, has been found on numerous pornographic websites disguising itself as a video codec. Once downloaded and installed, DNSChanger changes the DNS settings on the computer, redirecting websites entered by the user to malicious sites. If personal information is entered on these malicious websites, it can lead to identity theft.

Trojan.DNSChanger is a very scary Trojan that can cause serious damage to both your computer and your life. Trojan.DNSChanger opens up firewalls and collects confidential information such as personal financial information. Trojan.DNSChanger could avoid the security, monitor your Internet browsing activity, and modify the registry entries. Trojan.DNSChanger is an unwanted application that comes secretly but weaves great shock on the infected computer. Trojan.DNSChanger needs to be removed once detected to keep your computer clean and secured.


* Google, Yahoo Searches are redirected. Desktop background image and Browser homepage settings are changed. This is a common symptom of a very serious Trojan.DNSChanger infection.

* Trojan.DNSChanger slows down your computer considerably and you will feel like your computer is stuck. This includes opening programs, shutting down your computer, and slow Internet.

* You will get many unwanted pop ups. Trojan.DNSChanger corrupts your windows registry and uses it to deploy annoying pop up ads out of nowhere.

How Dangerous is Trojan.DNSChanger Infection?

This infection will change your registry settings and other important windows system files. If Trojan.DNSChanger is not removed it can cause a complete computer crash.

Some Trojan.DNSChanger infections contain trojan and keyloggers which can be used to steal sensitive data like passwords, credit card, bank account information etc. So it is very important to remove Trojan.DNSChanger as early as possible before it steals your information. Trojan.DNSChanger Virus will display numerous fake infections of exaggerated security threats on your computer and then state that you should purchase the program in order to remove the infections. Do not trust the warnings shown by Trojan.DNSChanger.

How to check My Pc in Infected from DNS Changer Trojan?

It’s Very Simple to check your Pc is infected from DNSChanger Malware or not goes any site listed above here using a browser, open up one of these pages:


These web sites provide information, and generally display either a warning (often a red color theme) if you’re using Rove Digital DNS resolvers, or an “ok” sign (often with a green color theme) if you’re not infected.

If Wont to check your System Manual is Infected from That Malware in windows OS (Xp, Window 7). Hit Start and Run then Type Cmd a Dos window will be open and for checking your ip type ipconfig /all u have seen Your DNS note your DNS

If your computers’ DNS settings use the follow ranges, then you likely have been affected by the DNS Changer viruses.

Between this IP… … and this IP

Remove Trojan.DNSChanger (Removal Guide), How To Remove Trojan.DNSChanger

The FBI has uncovered a network of rogue DNS servers and has taken steps to disable it. The FBI is also undertaking an effort to identify and notify victims who have been impacted by the DNSChanger malware. One consequence of disabling the rogue DNS network is that victims who rely on the rogue DNS network for DNS service could lose access to DNS services. To address this, the FBI has worked with private sector technical experts to develop a plan for a private-sector, non-government entity to operate and maintain clean DNS servers for the infected victims. The FBI has also provided information to ISPs that can be used to redirect their users from the rogue DNS servers to the ISPs’ own legitimate servers. The FBI will support the operation of the clean DNS servers for four months, allowing time for users, businesses, and other entities to identify and fix infected computers. At no time will the FBI have access to any data concerning the Internet activity of the victims.

It is quite possible that computers infected with this malware may also be infected with other malware. The establishment of these clean DNS servers does not guarantee that the computers are safe from other malware. The main intent is to ensure users do not lose DNS services.


Trojan.DNSChanger Infection Symptoms

Computer infected with Trojan.DNSChanger?

Is your PC infected with Trojan.DNSChanger? Not to worry. Our step-by-step guide and the listed Spyware removal tool can help you safely remove Trojan.DNSChanger from your computer.

Please, be informed that manual removal of Trojan.DNSChanger malware is a cumbersome procedure and does not always ensure complete deletion of the Trojan.DNSChanger, since some files might be hidden or may automatically reanimate themselves later.

How to remove Trojan.DNSChanger Automatically?

Trojan.DNSChanger is a dangerous infection.

“Trojan.DNSChanger should be removed as early as possible. Click the “Remove this infection” button to download Trojan.DNSChanger removal tool.”


Download Trojan.DNSChanger Removal Tool to automatically remove Trojan.DNSChanger.

How to Remove Trojan.DNSChanger Manually

Manual removal of Trojan.DNSChanger Spyware is a difficult task, we recommend you to use our Automatic Spyware removal tool. This is a safe and easy method. Download SPYWARE Doctor / Malware byte to automatically remove Trojan.DNSChanger.

Manual Trojan.DNSChanger Removal Steps:

* Stop Trojan.DNSChanger process using the windows task manager.

* Uninstall Trojan.DNSChanger program from windows control panel Add/Remove Programs.

* Open windows registry using regedit.exe command. Find and Remove all Trojan.DNSChanger Registry Files.

* Search for Trojan.DNSChanger Files on your computer and delete it.

Please, be informed that manual removal of Trojan.DNSChanger malware is a cumbersome procedure and does not always ensure complete deletion of the Trojan.DNSChanger, since some files might be hidden or may automatically reanimate themselves later.

Trojan.DNSChanger properties:

1. Trojan.DNSChanger Changes browser settings
2. Trojan.DNSChanger shows commercial adverts
3. Trojan.DNSChanger Connects itself to the internet
4. Trojan.DNSChanger stays resident in background

While Windows Trojan.DNSChanger is running, it will display a variety of fake security warnings and block legitimate Windows applications on your computer. Some of the alerts Trojan.DNSChanger shows are:

Suspicious software activity is detected by Trojan.DNSChanger on your computer.
Please start system files scanning for details.

Name: taskmgr.exe
Name: C:WINDOWStaskmgr.exe

Trojan.DNSChanger detects application that seems to be a key-logger. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

Just like false scan results above, all of these alerts Trojan.DNSChanger shows are a fake and supposed to scare you into thinking your computer is in danger. You should ignore all of them!

As you can see, Trojan.DNSChanger is a scam. Most importantly, do not purchase it! Instead of doing so, follow the removal instructions provided in our site to remove Trojan.DNSChanger and any associated malware from your computer.

Associated Trojan.DNSChanger Windows Registry Information:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “.exe”
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “”
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “CertificateRevocation” = ’0?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “WarnonBadCertRecving” = ’0?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesActiveDesktop “NoChangingWallPaper” = ’1?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations “LowRiskFileTypes” = ‘/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:’
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments “SaveZoneInformation” = ’1?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableTaskMgr” = ’1?
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem “DisableTaskMgr” = ’1?
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain “Use FormSuggest” = ‘yes’
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced “Hidden” = ’0?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced “ShowSuperHidden” = 0?

Associated Trojan.DNSChanger Files:

Windows XP:

%AllUsersProfile%Application Data~
%AllUsersProfile%Application Data~r
%AllUsersProfile%Application Data.dll
%AllUsersProfile%Application Data.exe
%AllUsersProfile%Application Data
%AllUsersProfile%Application Data.exe
%UserProfile%Start MenuProgramsTrojan.DNSChanger
%UserProfile%Start MenuProgramsTrojan.DNSChangerUninstall Trojan.DNSChanger.lnk
%UserProfile%Start MenuProgramsTrojan.DNSChangerTrojan.DNSChanger.lnk

Windows Vista & 7:

%UserProfile%Start MenuProgramsTrojan.DNSChanger
%UserProfile%Start MenuProgramsTrojan.DNSChangerUninstall Trojan.DNSChanger.lnk
%UserProfile%Start MenuProgramsTrojan.DNSChangerTrojan.DNSChanger.lnk

File Location Notes:

%UserProfile% refers to the current user’s profile folder. By default, this is C:Documents and Settings for Windows 2000/XP, C:Users for Windows Vista/7, and c:winntprofiles for Windows NT.

%AllUsersProfile% refers to the All Users Profile folder. By default, this is C:Documents and SettingsAll Users for Windows 2000/XP and C:ProgramData for Windows Vista/7.

To put it simply, you need to delete Trojan.DNSChanger from your computer before it cause tremendous harm. Don’t believe Trojan.DNSChanger claims that everything will go back to normal if you acquire the license for the full version of the program. You will only lose your money while the Trojan.DNSChanger rogue will remain in your system. Invest in a reliable security tool and remove Trojan.DNSChanger from your computer.


Courtesy :-

Beware of online fraudsters

Beware of online fraudsters trying to obtain your personal details