One of our primary concerns here in the Support Practice Group is to maintain our clients’ networks in tip top shape, and this means regularly applying patches and hotfixes. At the moment, we are leveraging WSUS to monitor and deploy patches to servers and workstations at many of our clients, which allows us to select which updates we want to approve and distribute to client machines in the background. We then can manually kick off the install and subsequent reboot once all the necessary updates have been downloaded to each client.

However, as clients upgrade to Server 2008, this method will become problematic for those that leverage the Windows Server Core option. With no GUI, how do we install updates? One of our consultants recently came across a very useful script for just such an occasion, while browsing this blog. After approving and releasing patches to the WSUS clients, he dropped that script into the c:\Tools directory and ran it to install the updates. As we transition to using our network monitoring software (Kaseya) to deploy Microsoft patches and hotfixes, patching Windows Server Core 2008 servers will remain as simple as it is with this script.

As consultants to legal professionals, we here at Kraft Kennedy often have to deal with sensitive or private information or data. This often means something as simple as password protecting case privileged files or documents as they are emailed back and forth between opposing counsel or other parties.

I recently came across this issue for a client in the Support Practice who wanted to password protect some documents they had compressed and needed to email to co-counsel in the Far East. My first inclination was to recommend one of the tried and true file compression utilities, like WinZip or WinRAR. After all, Windows is good for compressing files, but doesn’t offer any of the more robust features that these utilities have, right?

Wrong. After a little digging, I found that Windows XP has, as a native file compression feature, the ability to password protect zipped files. And it’s as easy as opening the file menu from within the compressed folder, and selecting the “Add a Password” function. This is a quick, clean, and inexpensive way of adding a little extra security to documents that may need a little extra security.

The bad news is that this feature didn’t carry over to either Windows Vista or Windows 7. You can still open a zip file that is password protected on either of these operating systems, but you can’t add password protection to a zip file one either of these operating systems. Here’s hoping that this feature will get added to Windows 7 soon.

Move over H1N1; recent months have seen an uptick in a particularly sinister breed of virus, commonly called scareware.

This form of malware disguises itself to appear as though it is an anti-virus or anti-spyware program, when, in fact, it is exactly what it claims to prevent. Often, the rogue software will appear as a red shield in the system tray very similar to the yellow windows update icon, or in a web browser window designed to look just like Symantec or a similar anti-virus program interface. It will alarm the user that the computer has already been affected with spyware or malware, and urge them to click to scan the computer or clean the viruses off the hard drive. Of course, this will only download further malware, or require the user to purchase a registration key and refuse to remove the infection until that is done.

So far, we have observed a variety of organizations pick up malware of this kind. Symantec’s virus and malware definitions seem to be just a shade behind some of these strains, as even the latest Endpoint Protection services have not prevented users from getting these viruses. The confusing nature of the messages that users are prompted with make it especially likely that the average user will be unable to realize that what they’re being prompted to do is in fact harmful to their system. Furthermore, some of the programs can be particularly difficult to deal with; in one instance, a user downloaded a version that copied in a doctored version of a Windows DLL, and proceeded to kill any process attempting to scan and immediately alter permissions on the corresponding executable such that it could not be executed by the user again. In this case, the easiest and most efficient solution was to back up the critical data and reimage.

There are other tools which may help. Malware bytes has proven to be a very effective solution in identifying and removing such scareware. Malware Bytes is a freeware program that can be downloaded at www.malwarebytes.org

Most PC users have probably had this complaint at some point during their user experience, and certainly anyone who was worked in support of users has heard it countless times: “My computer is too slow!”

Workstation slowness can be frustrating for anyone, and a tighter economy means reduced budgets, which makes it harder for IT departments to keep pace with technology. What then can one do to improve workstation performance when IT admins have to put off workstation upgrade or refresh projects? Well, there are all the usual tricks. Adding RAM may be a cost efficient alternative to replacing workstations or you could turn off all resource intensive visual effects and adjust Windows to run for best performance.

But there is another quick trick that has proven useful to members of the Support Practice Group: recreating the WSUS database on the workstation. The Windows Server Update Service is a useful and commonly used method of managing the distribution of Microsoft updates to user workstations, and its standard practice for SPG clients.

WSUS client workstations contact the server to determine which updates are required and approved, and keeps a log in the following file: c:\WINDOWS\SoftwareDistribution\Datastore\datastore.edb. Overtime, this database file will grow, and as it grows it can begin to wear on performance. If you find a copy that has grown to 20-30+ MB, try renaming the file and allowing Windows to rebuild a copy from scratch. It’s a very quick and easy fix that can yield immediate benefits in workstation performance.