How to Fix Wanna Cry Ransomware

Wanna Cry will root your system and install a persistent hidden service that creates a GIBBERISH file name. This file can be deleted but it is automatically recreated. First clean the system with a program such as malwarebytes: https://www.malwarebytes.com/mwb-download. After cleaning the system some file fragments are left over. Next open the gibberish file in notepad or similiar and make a note of it’s name. Delete most of the gibberish code and save it. This has damaged the malware. Now search the registry for this file name and delete all reg entries to this files. Reboot the computer. Now delete the file(s)/folder and it should stay deleted. Run windows update and install all patches. Reboot and double check your system. It should be clean. Restore files from backup drive/tape/NAS or VSS if your shadow copy was on. Search for any .encrypted files and delete them (I do this after restoring from backup so I make sure all original files were restored or which original files were lost – helps to keep track of data loss).

If you still need help, call 314-276-2597.

Windows 10 Start menu troubles? Microsoft has a troubleshooter for that.

If your Windows 10 start menu won’t come up, Microsoft has a troubleshooter as outlined in this article: https://www.cnet.com/how-to/how-to-fix-the-windows-10-start-menu

A corporate client had this problem. The PC was a Dell Optiplex 9020 with a factory loaded copy of Windows 10. We updated Windows 10 with all the most recent patches. Local profiles worked perfectly fine but domain profiles/logons had this problem. Clearly there was a permission issue in some area of the registry or file system. The Microsoft app fix didn’t work. Nor did many other reg hacks and other troubleshooting. In the end we took a retail copy of Windows 10 and reloaded Windows. That fixed it and it also ran faster than Dell’s factory load. The source of the issue is Windows 10 but also it might have been how it was loaded at the factory??? Another note, we ghosted the Dell Windows image to a Samsung SSD. There were no issues in the local profile (even after joining the domain), only domain profiles. After fixing it we disabled telemetry as outlined in our earlier post the computer runs very fast.

This is the link to the Microsoft app: here and more info here. Some other sites with troubleshooting steps: here and here.

Note: In our case the Microsoft app said there was a problem in the domain profile but when logged on as a local user the app reported no issues! So we formatted the SSD and started over from scratch. It was not a repair install and the computer ran perfectly after the clean reinstall.

 

How to Get Back Windows 10 – Windows Photo Viewer

Microsoft hides Windows Photo Viewer that we all used from Windows XP through Windows 8. If you upgrade to Windows 10 it is there but for new installations it is gone. You’ll need to bring it back with this script.

Copy the below text to notepad (or notepad++) and save it as photoviewer.reg, then run it and say YES when asked about modifying the registry.

______________________________________________________________

 

Windows Registry Editor Version 5.00

; Created by: Shawn Brink
; Created on: August 8th 2015
; Tutorial: http://www.tenforums.com/tutorials/14312-windows-photo-viewer-restore-windows-10-a.html

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\open]
“MuiVerb”=”@photoviewer.dll,-3043”

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\Applications\photoviewer.dll\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Bitmap]
“ImageOptionFlags”=dword:00000001
“FriendlyTypeName”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\
00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,\
00,65,00,72,00,5c,00,50,00,68,00,6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,\
65,00,72,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,36,00,00,\
00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Bitmap\DefaultIcon]
@=”%SystemRoot%\\System32\\imageres.dll,-70”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Bitmap\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Bitmap\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF]
“EditFlags”=dword:00010000
“ImageOptionFlags”=dword:00000001
“FriendlyTypeName”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\
00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,\
00,65,00,72,00,5c,00,50,00,68,00,6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,\
65,00,72,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,35,00,00,\
00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\DefaultIcon]
@=”%SystemRoot%\\System32\\imageres.dll,-72”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\shell\open]
“MuiVerb”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,\
69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,\
00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,\
72,00,5c,00,70,00,68,00,6f,00,74,00,6f,00,76,00,69,00,65,00,77,00,65,00,72,\
00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,34,00,33,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Jpeg]
“EditFlags”=dword:00010000
“ImageOptionFlags”=dword:00000001
“FriendlyTypeName”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\
00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,\
00,65,00,72,00,5c,00,50,00,68,00,6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,\
65,00,72,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,35,00,00,\
00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Jpeg\DefaultIcon]
@=”%SystemRoot%\\System32\\imageres.dll,-72”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Jpeg\shell\open]
“MuiVerb”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,\
69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,\
00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,\
72,00,5c,00,70,00,68,00,6f,00,74,00,6f,00,76,00,69,00,65,00,77,00,65,00,72,\
00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,34,00,33,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Jpeg\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Jpeg\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Gif]
“ImageOptionFlags”=dword:00000001
“FriendlyTypeName”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\
00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,\
00,65,00,72,00,5c,00,50,00,68,00,6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,\
65,00,72,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,37,00,00,\
00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Gif\DefaultIcon]
@=”%SystemRoot%\\System32\\imageres.dll,-83”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Gif\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Gif\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Png]
“ImageOptionFlags”=dword:00000001
“FriendlyTypeName”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\
00,46,00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,\
00,65,00,72,00,5c,00,50,00,68,00,6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,\
65,00,72,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,37,00,00,\
00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Png\DefaultIcon]
@=”%SystemRoot%\\System32\\imageres.dll,-71”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Png\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Png\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Wdp]
“EditFlags”=dword:00010000
“ImageOptionFlags”=dword:00000001

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Wdp\DefaultIcon]
@=”%SystemRoot%\\System32\\wmphoto.dll,-400”

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Wdp\shell\open]
“MuiVerb”=hex(2):40,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,\
69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,\
00,20,00,50,00,68,00,6f,00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,\
72,00,5c,00,70,00,68,00,6f,00,74,00,6f,00,76,00,69,00,65,00,77,00,65,00,72,\
00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,34,00,33,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Wdp\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,75,00,\
6e,00,64,00,6c,00,6c,00,33,00,32,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,\
00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,\
25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,68,00,6f,\
00,74,00,6f,00,20,00,56,00,69,00,65,00,77,00,65,00,72,00,5c,00,50,00,68,00,\
6f,00,74,00,6f,00,56,00,69,00,65,00,77,00,65,00,72,00,2e,00,64,00,6c,00,6c,\
00,22,00,2c,00,20,00,49,00,6d,00,61,00,67,00,65,00,56,00,69,00,65,00,77,00,\
5f,00,46,00,75,00,6c,00,6c,00,73,00,63,00,72,00,65,00,65,00,6e,00,20,00,25,\
00,31,00,00,00

[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.Wdp\shell\open\DropTarget]
“Clsid”=”{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities]
“ApplicationDescription”=”@%ProgramFiles%\\Windows Photo Viewer\\photoviewer.dll,-3069”
“ApplicationName”=”@%ProgramFiles%\\Windows Photo Viewer\\photoviewer.dll,-3009”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities\FileAssociations]
“.jpg”=”PhotoViewer.FileAssoc.Jpeg”
“.wdp”=”PhotoViewer.FileAssoc.Wdp”
“.jfif”=”PhotoViewer.FileAssoc.JFIF”
“.dib”=”PhotoViewer.FileAssoc.Bitmap”
“.png”=”PhotoViewer.FileAssoc.Png”
“.jxr”=”PhotoViewer.FileAssoc.Wdp”
“.bmp”=”PhotoViewer.FileAssoc.Bitmap”
“.jpe”=”PhotoViewer.FileAssoc.Jpeg”
“.jpeg”=”PhotoViewer.FileAssoc.Jpeg”
“.gif”=”PhotoViewer.FileAssoc.Gif”
“.tif”=”PhotoViewer.FileAssoc.Tiff”
“.tiff”=”PhotoViewer.FileAssoc.Tiff”

Securing and Optimizing Windows 10

Security has been a concern since the first day Windows 10 was launched. Microsoft reports lots of information about you back to itself. They are trying to keep up with Google in the data collection space. So they made Windows 10 into a giant piece of spyware and launched it for free. Additionally Microsoft loads lots of bloatware on all Windows 10 installations.

I recommend running regular security apps but also it is important to lock down Windows 10 (and lock out Microsoft). Below are the steps to remove excess Win 10 apps and secure your computer from Microsoft’s spyware:

 

FIRST – Remove Bloatware:
Remove excess Win 10 apps with this script by running it in powershell. The script is written to keep store and calculator. Other apps can be added to the exception list. Microsoft will not allow an uninstall of certain apps and for that I use ccleaner. This the powershell script to quickly remove lots of Win 10 bloatware:

Get-AppxPackage -AllUsers | Remove-AppxPackage | where {$_.Name -notlike “*Store*|*calculator*”}

Also Ccleaner can help removes Windows 10 apps. I’ve never had issues with Ccleaner but some have reported issues with Windows after running ccleaner.

For more information on removing Windows 10 apps visit: http://www.tenforums.com/tutorials/4689-apps-uninstall-windows-10-a.html#option4

 

SECOND – Disable Telemetry, Cortana and Contact Support:
Secure Windows 10 – Disable Telemetry (this is prevent certain info going back to Microsoft and improve OS load times):
Step 1: Settings -> Privacy, I turn everything, in every category, off.

Step 2: In Settings -> Privacy, Microsoft limits control over Feedback & Diagnostics, not allowing you to totally turn it off. To turn off run gpedit.msc and go to:

Computer Configuration>Administrative Templates>Windows Components>Data Collection and Preview Builds> Allow Telemetry

Set to Disable. (at one time there was an option 4, disable which has since been removed by Microsoft)

If you are a Win 10 home user, then:

A. Open Registry Editor. (run regedit)
B. Go to the following Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection

Note: If you do not have this Registry key, then you can just create it.

C. Ceate a new a 32-bit DWORD value with the name AllowTelemetry and set it to 0.

 

Secure Windows 10 – Remove Contact Support From Windows 10 and the Start Menu:

http://winaero.com/blog/how-to-uninstall-and-remove-contact-support-in-windows-10/

 

Secure Windows 10 – Remove Cortana:

A. For Windows 10 Pro users; run gpedit.msc and navigate to Computer Configuration > Administrative Templates > Windows Components > Search. Locate the “Allow Cortana” setting in the right pane and double-click it. Set to Disable and click OK. Restart for this change to take effect.

B. For Windows 10 Home users; run regedit and go to: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search. Create a wew > DWORD (32-bit) Value and calle the value “AllowCortana”. Double-click it and set the value to “0”. Reboot for this change to take effect.

 

Disclaimer: running gpedit.msc and regedit makes substantial changes to your computer. Do at your own risk and we take no responsibility for your actions or the outcome on your computer.

 

Java Security Error – How to Grant a Java Exception

Java is stepping up security and once available websites may have fallen out of compliance. Follow these steps to add a java exception if you require access to one of these non-compliant websites:

1 . First find the java.policy file at C:\Program Files (x86)\Java\jre1.8.0_66 (or your version)\lib\security. Open the java.policy file with notepad or my favorite notepad++.

2. You’ll see some text such as:

grant {
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to remain
// backwards compatible.
// It is strongly recommended that you either remove this permission
// from this policy file or further restrict it to code sources
// that you specify, because Thread.stop() is potentially unsafe.
// See the API specification of java.lang.Thread.stop() for more
// information.
permission java.lang.RuntimePermission “stopThread”;

just add a line like this but change “this info” to the IP (:port if needed) you are trying to access.

permission java.net.SocketPermission “166.239.88.54:5900”, “connect, accept”;

3. Save the file, use Notepad++ if notepad doesn’t work.

4. In control panel, under security tab add the website to the excluded site list.

For more information visit: http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html

MP

Rethinking Artificial Intelligence

My Post at LinkedIn about AI is Reposted Here.

Hello Friends. I don’t often concern myself with AI but lately there’s been talk of AI killer robots and the grim human future. There’s nothing to fear now since we are in the early development stage of creating AI and true consciousness could be decades away. I hope the piece below adds to the philosophical conversation about the future our children and grandchildren will inherit. Thank you, Michael Pasatieri

Rethinking Artificial Intelligence

AI, Artificial Intelligence, is the self-awareness of machines. When contemplating if something has artificial intelligence, what we are really asking is whether the machine can think. More accurately what we are really referring to is called Artificial Consciousness. Reports reveal that initial results have fallen short of expectations. Early attempts have produced egotistical self-absorbed machine ‘personalities.’ A primary characteristic of self-aware beings is the acknowledgement and care of others and their intentions, needs and wants. Ironically a machine which thinks of others first could be vital to creating a ‘self-aware’ machine.

If AC winds up being selfish then our children’s future might indeed be grim. Combined with an unconditional autopoietic imperative, self-aware machines could eventually eliminate humans. Asimov believed that the Three Law of Robotics would protect us. However the three laws of robotics are theorized to be unrealistic as super-intelligent AC machines are unlikely to also view themselves as inferior beings. Therefore I propose the two laws: 1) Do all you have agreed to do (contract law) and 2) Do not encroach on another person or their property (tort law). If we aren’t careful and ethical in creating AC then Elon Musk’s dark prediction of killer robots could come true. Let’s rethink AC cautiously before AC rethinks us.

Michael Pasatieri

Posted at: https://www.linkedin.com/pulse/rethinking-artificial-intelligence-michael-pasatieri?trk=pulse_spock-articles

Error Message – Insufficient Disk Space. Restoring Exchange Mailboxes or Folders with Symantec Backup Exec 2014.

Insufficient Disk Space is an error Backup Exec gives when trying to restore folders or emails into Exchange. Previously, in BE 2010 and earlier, Backup Exec could do a brick level restore – meaning it could retrieve a single folder or email. These brick level backup jobs ran slowly but they were useful when restoring. Since then BE changed how it restores into Exchange Server. Now it restores the ENTIRE Exchange database (even if you need just a single email restored) into a temp location then it queries the DB and recovers only that data. If the temp location specified does not have more free space than the size of your Exchange DB (of that backup job’s date) it fails with an error message ‘insufficient disk space.’ To remedy either clear up space or change the location of the restore temp Exchange DB.

This solution works for either Small Business Edition of Symantec backup exec or the regular product.

? Check that there is sufficient disk space available. This is because Backup Exec will stage the entire Exchange Information Store before restoring any individual items.
? The default location for temporary files is: C:\Temp. This needs to be changed to the drive with the most space available.
This is done as follows: Tools -> Options -> Restore (Path on media server for staging temporary restore data…).
? The user concerned needs to be logged out of their email.

The above steps solution are located here: http://www.symantec.com/connect/articles/restoring-exchange-or-individual-mailboxesitems-using-backup-exec-howto

note: Backup Exec 2014 has the temp location under Configurations and Settings -> Granular Recovery Technology.

The process is slow, especially if your Exchange DB is large.

Hope this help your Backup Exec error.

Michael Pasatieri