Petya Ransomware – New Decryption Tool Available..for some strains

Malwarebytes made available a new decryption tool to help people attacked with some strains of Petya ransomware.

Although the tool doesn’t work with the recent variant of Petya outbreak that spawned from Ukraine in June and spread all over the world.

But, at least it can help people to recover files that were affected by the following variants:

• Red Petya
• Green Petya (both versions) + Mischa
• Goldeneye (boolocker + files)

You can download the tool here:
Malwarebytes - Petya Decryption Tool

Free Microsoft eBooks Giveaway!!!

And here’s a Microsoft “extravaganza”!
It’s seems strange…odd…but…Microsoft is giving away millions of ebooks to everyone!

The post on MSDN blog comes from Eric Ligman, Microsoft Director of Sales Excellence and yes…there are old ebooks like “Programming Windows 8 Apps with HTML, CSS, and JavaScript” there’s all kind of things from Azure to Office 2016 or System Center.

So go ahead and have a download spree!
MSDN Blogs - Largest FREE Microsoft eBook Giveaway!

Windows – GPOs – Removing IE Maintenance Settings with Windows 2012 R2

Here’s a tip to remove the “infamous” IE Maintenance gpo settings if you don’t have any way to get your hands on a Windows XP machine or simply wanna do it the “geek way” using Windows 2012 R2.

Follow these steps:

1. Open GPMC
2. Select your GPO
3. Now, on the right-side pane select Details tab
4. Copy, or take note, of the Unique ID
5. Close GPMC
6. Open Active Directory Users and Computers console
7. Make sure Advanced Features is turned on (View > Advanced Features)
8. Navigate to System | Polices
9. On the right-side pane, find the Unique ID you took note
10. Right-click on it and select Properties
11. Now, select Attribute Editor tab and scroll-down to gPCUserExtensionNames attribute and click Edit
12. In the dialog box find the following string and delete it (for proper editing copy/paste the entire string from the dialog box to notepad, delete what you need and copy/paste again to the dialog box)
    [{A2E30F80-D7DE-11D2-BBDE-00C04F86AE3B}{FC715823-C5FB-11D1-9EEF-00A0C90347FF}]
13. Click OK and…you’re done!

Win10 Deploy – Forcing Start Menu Layout and Allow Users to Pin Shortcuts

Following the previous article (Win10 Deploy – Customizing Start Menu and Forcing it with GPO) you could create a customized layout, force the layout to be applied but, the users could not pin any shortcuts they need.

If you want users to be able to do that, just follow these steps after exporting the xml file:

• Edit the xml file exported
• Located the tag “<DefaultLayoutOverride>”
• Change the tag to the following:
  <DefaultLayoutOverride LayoutCustomizationRestrictionType=”OnlySpecifiedGroups”>
• Save the xml file

And it’s all done.

Now, you’re Start Menu layout has the pinned shortcuts you want (locked) and users are able to add they’re own shortcuts.

Tips and Tricks – Outlook – Determine folder path for an email on search results

So…you’re proud ‘cause you have all your emails well organized in Outlook.

Sometimes it happens that with all that organized email structure you find yourself well…lost.
Then you search for other email with same subject, you find a lot of them but still don’t know which folder they’re in.

Here’s a quick tip!

Search the subject, select the email and use the keyboard shortcut “Alt+Enter” to get the folder they’re in!

Hope this saves you some time!

Windows 10 – Cumulative Updates – July 2017

It’s now available the Microsoft Windows 10 Cumulative Update for July 2017.
The quality update KB4025342 sets Windows 10 build to version 15063.483.

Improvements and Fixes

• Addressed issue introduced by KB4022716 where Internet Explorer 11 may close unexpectedly when you visit some websites.
• Addressed issue to improve MediaCreationTool.exe support for Setup Tourniquet scenarios.
• Addressed issue with CoreMessaging.dll that may cause 32-bit apps to crash on the 64-bit version of the Windows OS.
• Addressed an issue where Visual Studio or a WPF application may terminate unexpectedly (stops responding, followed by a crash) when running on a pen and/or touch enabled machine with Windows 10 Creators Update.
• Addressed issue that causes the system to crash when certain USB devices are unplugged while the system is asleep.
• Addressed issues with screen orientation that stops working after lid close and lid open transitions.
• Addressed issue that causes .jpx and .jbig2 images to stop rendering in PDF files.
• Addressed issue where users could not elevate to Administrator through the User Account Control (UAC) dialog when using a smart card.
• Addressed issue where input using the Korean handwriting feature dropped the last character of a word or moved it to the next line incorrectly.
• Addressed issue with a race condition between the App-V Catalog Manager and the Profile Roaming Service. A new registry key is available to control the waiting period for App-V Catalog Manager, which allows any third-party Profile Roaming Service to complete.
• Addressed issue where controls in Win32 applications intermittently fail to render correctly when started from a logoff script using the "run shutdown scripts visible" policy described in https://msdn.microsoft.com/en-us/library/ms811629.aspx.
• Security updates to Internet Explorer 11, Microsoft Edge, Windows Search, Windows kernel, Windows shell, Microsoft Scripting Engine, Windows Virtualization, Datacenter Networking, Windows Server, Windows Storage and File Systems, Microsoft Graphics Component, Windows kernel-mode drivers, ASP.NET, Microsoft PowerShell, and the .NET Framework.
  
  

Download

You can download this cumulative update from Microsoft Update Catalog

Windows Tips – Microsoft Support - Fix problems that block programs from being installed or removed

Once in a while we find ourselves with some issues that we have no idea how to solve.
Again, once in a while we find very simple but also very useful tools, that really make the difference.

Sometimes you get that annoying error above, and we get stuck not being able to uninstall a software (normally a msi).

So…thinking on this, Microsoft created a very very simple tool that searches the machine for issues and try to correct them.

To use it? Just download, double-click, select if you’re experiencing issues to install or uninstall an application and the tool does the rest.

What it fixes

• Corrupted registry keys for x64 operating systems
• Corrupted registry keys that control the update data
• Problems that prevent new programs from being installed, uninstalled or updated
• Problems that block you from uninstalling a program through Programs and Features

Compatibility

• Windows 7
• Windows 8
• Windows 8.1
• Windows 10

Download

Fix problems that block programs from being installed or removed

Win10 Deploy – Customizing Start Menu and Forcing it with GPO

One of the most notable and visible changes on Windows 10 O.S. is the new Start  Menu. A mix of “the old” Start Menu with an highlight on UWP and apps.

Now, for an enterprise it’s usually important to make sure that they’re line-of-business (LoB) applications are always there or even make sure that there’s an harmony on every machine of the enterprise, where everyone have access through Start Menu to the same applications or links.
So, if you want to customize and force a specific Start Menu layout, here’s how.

Customizing and Exporting Layout
First things first. Let’s start by customizing the Start Menu you want to give to all users:

• Login the reference machine (preferably with a “model user”)
• Now customize you layout has you like it
• When finished, open Powershell console and export the Start Menu layout like in this example:
  Export-StartLayout –Path C:\Themes\StartMenu\StartLayout001.xml

Now that you have your new Start Menu layout, you just have to force it using a Group Policy.

Forcing Start Menu Layout

1. Open GPMC
2. Edit your GPO
3. Navigate to Computer Configuration (or User Configuration) | Administrative Templates | Start Menu and Taskbar 
4. Double-click “Start Layout"
5. Select “Enabled”
6. Write down the path where you xml file is located
   (in our example would be C:\Themes\StartMenu\StartLayout001.xml)

And you’re done!

Windows 10 – GPOs – Disable Windows Store

For a lot of organizations, the use of the “public” Microsoft Windows Store, is something that’s not viable.
They may prefer to use 3rd-party software for this because some management/distribution software already gives some self-service portal to install the certified and compliant software for the enterprise.

In other cases the IT department simply don’t want to allow users to install things from there.

In either cases, here’s how to disable the Windows Store app using group policies:

1. Open GPMC
2. Edit your GPO
3. Navigate to Computer Configuration | Administrative Templates | Windows Components| Store
4. Double-click “Turn off Store application"
5. Select “Enabled”

Note:
On the same folder you can configure the setting “Only display the private store within the Windows Store app" which allows you to let yours see only your private store.
With this setting you should not enable the “Turn off Store application”.

Win10 Deploy– Microsoft TechNet - Windows 10 Deployment and Management Lab Kit

Here’s a nice option if you want to quickly start testing Microsoft Windows 10 deployment without all the troubles and hurdles of creating your environment.
Microsoft TechNet gives you a 32GB virtual lab with all that you need.

This is specially nice to test before creating your final production environment.

In this virtual lab you’ll get:

• Windows 10 Enterprise v1703 (aka Creators Update)
• System Center 2012 Configuration Manager 1702 (aka SCCM)
• Windows Assessment and Deployment Kit for Windows 10 v1703 (aka Windows ADK)
• Microsoft Deployment Toolkit v8443 (aka MDT)
• Microsoft Application Virtualization 5.1 (aka App-V)
• Microsoft BitLocker Administration and Monitoring 2.5 Service Pack 1 (aka MBAM)
• Windows Server 2016
• Microsoft SQL

More information about this lab kit can be found here:
Windows 10 deployment and management lab kit

To download the lab kit directly:
Windows 10 Deployment and Management Lab Kit

Win10 Deploy–Stuck at 20% during Install Operating System [Solved]

Today, after adding Windows 10 v1703 Cumulative Update June 2017 (KB4022716) to my base image, it was time to test the image deployment.

Don’t understanding why, all my installations got stuck at 20%…for hours!

After thinking a little bit about this, I took a quick look to BDD.log and there was a really strange thing.
The log add a lot of lines similar to this one:
Add package {7fe1f303-a528-4154-904b-ee10f4d79068} ZTIPatches 29.7.2012 23:06:09 0 (0x0000)

Basically, a lot of updates/hotfixes were installing and then…the issue!

This may be a “beginner mistake” but what was happening was as simple as this:

I use the same MDT Deployment Share for my other base images.

To save me some time, I’ve copied my Windows 7 x64 task sequence and completely forgot to change my Selection Profile from “Windows 7 Hotfixes” to “Windows 10 Hotfixes” and…well…basically I was applying all my Windows 7 x64 hotfixes to my Windows 10 x64 installation..

So, this in not a bug or something like that but just a simple mistake that took me some time to solve.

Hope this save other some time!

Windows 10 – GPOs – Getting Rid of Consumer Apps

So, you finally got rid of undesired apps that you don’t want on your base/gold image but after that you find your with a bunch of other apps that you don’t know where they came from?

Basically this is a “functionality” on Windows 10 that automatically downloads some consumer apps.

To get rid of these ones follow this steps:

1. Open GPMC
2. Edit your GPO
3. Navigate to Computer Configuration | Administrative Templates | Windows Components| Cloud Content
4. Double-click “Turn off Microsoft consumer experiences"
5. Select “Enabled”

And you’re done!