Logo

What is and how to Remove Shortcut Virus

Shortcut virus is an easily spreadable and annoying combination of Worm and Trojan that hides all of your files and folders and then replaces them with shortcuts that look identical to replaced files and folders.

Shortcut virusOnce disguised it will wait patiently for a user's click and once that happens it will replicate itself and further infect the system. This rapid spread can lead to stolen personal data, some system hick-ups, and other system-related issues.

This malware mainly affects physical file transfer devices like for example and most USB drives, hard drives, and SD memory cards and it can easily transfer itself to the computer.

The advantage of this shortcut virus comparing it to others is that it is mostly undetected by a vast variety of antivirus software. So running just anti-virus software maybe not be enough to remove it from your system. Luckily for all unfortunate users that have caught this annoyance, it can be easily removed fully manually in a short time.

How to Remove Virus from USB and other removable media

Firstly plugin USB, SD, or removable drive. The infection will transfer to your computer when the infected drive is plugged in so before we go to clean the computer itself, clean each removable drive that you have. Also know that infection will spread from computers into removable devices as well if it is not cleaned.

Open the File Explorer and remember under which letter is removable drive registered. Open Command prompt but with administrator privileges and go to infected rive by typing its letter followed with “:” (for example D:) and press ENTER

Once you have successfully gone to infected drive type in command prompt:

Attrib -s -r -h /s /d *.*

This will unlock all original files back into removable storage, next copy all files to your computer, and format the removable drive. Once the format is complete, unplug the removable device. Continue to clean all devices with the same method.

How to Permanently Remove a Shortcut Virus from Your PC

Now once we have cleaned all removable devices it is time to fully clean the PC

Firstly open the task manager ( CTRL + SHIFT + ESC ), in the process tab find wscript.exe or wscript.vbs, right-click on it (or both if present), and select End Task. Now close the task manager and press Start. Inside start typing in registry editor to search for it and once found open it.

Find the following key inside the registry editor:

HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run

In the right panel, look for any strange-looking key names, such as odwcamszas, WXCKYz, OUzzckky, etc. For each one, run a Google search to see if it's related to shortcut viruses.

If any returns a positive match, right-click on them and select Delete. !!! Accidentally deleting an important key can cause Windows to become unstable, so double-check everything !!!.

Close the Registry Editor

Now press ⊞ WINDOWS + R to open the run dialog and type in it Msconfig followed by ENTER. Once the System Configuration window opens go to the Startup tab. In the Startup tab, look for any strange-looking .EXE or .VBS programs, select each one and click Disable. Close the Window.

Once again open the run dialog and type inside %TEMP% and press ENTER in order to open the Windows temp folder. Inside this folder delete everything.

Next in the File explorer go to

C:\Users\[username]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Look for any strange-looking .EXE or .VBS files and delete them.

Do You Need Help with Your Device?

Our Team of Experts May Help
Troubleshoot.Tech Experts are There for You!
Replace damaged files
Restore performance
Free disk space
Remove Malware
Protects WEB browser
Remove Viruses
Stop PC freezing
GET HELP
Troubleshoot.Tech experts work with all versions of Microsoft Windows including Windows 11, with Android, Mac, and more.

Share this article:

You might also like

What is Windows 10X and do you need it

What is Windows 10X

Windows 10X is a new version of Windows that has been built from the ground up for new PCs and will begin shipping on hardware in 2021. It's built on top of a new modern version of Windows called 'Windows Core OS' that guts legacy components and features in favor of contemporary user experiences and enhanced security. This means everything from the Windows Shell to the underlying OS has been rebuilt with modern technologies.

As a result, Windows 10X does not support legacy Win32 applications at launch. Windows 10X PCs in 2021 will be able to run Microsoft Edge, UWP, and web apps. Legacy Win32 application support will arrive at a later date, however. When it does, Win32 applications will run in a secure container by default, meaning those legacy applications cannot affect system performance and battery life when closed. Windows 10X is a much more secure and stable OS as a result of this, as there's no opportunity for legacy apps to cause bitrot.

Windows 10X features a new shell of the user interface that has been built with modern technologies. It's an adaptive user experience that can adjust depending on the "posture" of your device. For example, with a foldable PC, the user might want to use it in several different ways; as a laptop, or tablet, or in tent mode for movies. Because of this, the user interface must adapt to provide the best experience no matter which way your device is being used. This also means that legacy shell elements, such as the Control Panel, File Explorer, and error dialogs and icons are gone on Windows 10X. As Microsoft has rebuilt the entire shell, it doesn't include any of the legacy things that make Windows 10 so inconsistent when it comes to UI. The Windows Shell on Windows 10X should be much more consistent. At launch, Windows 10X will only be available on traditional clamshell PCs aimed primarily at the education and enterprise markets. The platform will eventually ship on the new devices from factors such as foldable PCs, but that won't be happening in 2021.

Start menu

Microsoft is redesigning the Start menu experience on Windows 10X with a focus on productivity. It features a system-wide search bar along the top that can also search the web and a grid of installed apps below that in place of live tiles. It also has a "recent activities" area that dynamically updates with things the user might want to jump straight into, such as recent Office documents and visited websites. The apps list can be customized, with the ability for users to rearrange which apps show up in the first few rows.

Taskbar

Windows 10X also has a new adaptive Taskbar that features a centered design. The Start and Task View buttons appear in the center, with running and pinned apps appearing between the two. When you open an app, the Start and Task View buttons gently spread apart, giving the Taskbar a much more fluid appearance. There are some new animations; the Start and Task View buttons have their own animations when clicked on, and there's a subtle bounce to app icons when you minimize running apps to the Taskbar. In addition to the new design, there are also up to three different Taskbar sizes: Small, medium, and large. Large is great for tablets, while medium and small mimic the usual sizes we already have today on Windows 10. On tablets, users can now swipe up anywhere on the Taskbar to access the Start menu, making it easier for touch users to access their apps list. You no longer have to hit the specific Start button to access your Start menu.

Action center

In addition to the new Start and Taskbar experiences, there's also a new Action Center to compliment them. This new Action Center puts more emphasis on quick actions, with the ability to jump into specific quick actions for further control without leaving the Action Center at all. It's also designed in such a way that mimics a control center, with notifications housed above it in a separate box. This new Action Center includes things like volume controls, power options, and battery percentage. There's also a new music control UI that appears in the Action Center when music is playing from a supported app.

State separation feature

Unlike Windows 10, Windows 10X features something called "state separation" which is how the OS lays itself out on a drive. Windows 10 today installs everything into a single partition, which means the user can access system files, as can apps and potential attackers. On Windows 10X, everything goes into its own read-only partition. So OS files are locked away, as are app files, as are drivers, and the registry. The only thing the user and applications can access is the user partition. This means that malware or viruses can't get in and affect the system because those programs are only able to operate in a single partition, and that assumes they're able to get outside of the app container system Microsoft has built. All apps on Windows 10X run in a container and need explicit permissions to access things that are outside that container. This is already how UWP apps work on Windows 10, and Microsoft will be extending that to Win32 apps on Windows 10X when support for Win32 apps arrives.

Launch date and info

Windows 10X will launch this spring first for commercial markets. Commercial markets include education and enterprise industries looking for sub-$600 PCs for students in the classroom or first-line workers. Windows 10X won't be launching on consumer PCs in 2021, meaning you won't find it on a flagship Dell or HP device. It's also only for clamshell PCs, with foldable, tablets, and other form factor support coming in 2022 and beyond. Windows 10X will launch without an in-box Mail and Calendar app. It's been removed from the first version of Windows 10X because the platform is aimed at commercial markets that will likely use Outlook Web or stream Outlook via Windows Virtual Desktop. Users can opt to reinstall the Mail and Calendar apps from the Microsoft Store if they wish. Windows 10X for mainstream markets won't happen until 2022 when Win32 app support among other features comes to the OS as part of the Windows 10 "Nickel" release scheduled for the first half of 2022. Because Windows 10X is a new operating system, it will not be released as an update for existing Windows 10 PCs. Users won't be able to install Windows 10X on a device that didn't come with Windows 10X, to begin with. There won't be any official ISO media and you won't be able to buy Windows 10X on its own to install on your existing device. It's for new PCs only. If you would like to read more helpful articles and tips about various software and hardware visit errortools.com daily.
Read More
How to change system font in Windows 11

Windows 11 is a good-looking operating system but people love to make things personal and to their liking so we decided to help you in this mission with small customization of changing default system fonts inside Windows 11.

Since there is no really easy way to just switch the font windows is using for itself we will have to tweak a registry a little so before we start please do make a backup of the registry file and follow the steps as they are presented in order to avoid any errors and break the system.

windows 11 transparency off

So, if all precautions are made and you are ready to change your Windows appearance let's dive right into it:

Find and/or install the font that you wish to use

There are vast free font sites on the internet where you can find fonts that you like and wish to use but be very careful with your desired font selection. The font that you choose needs to be a complete typeface, meaning that it has to contain all glyphs, large and small font sizes, all special characters, etc or you will experience that in certain areas nothing will be displayed.

Once you have found the font that you like and made sure it is a complete font, install it on your system (you can skip this step if you just want to change the system font with one already installed on your system)

Create REG file

Open notepad or a similar plain text editor in order to create a file that will apply changes directly into the registry and create a new file. Inside the file paste this text:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Segoe UI (TrueType)"=""
"Segoe UI Bold (TrueType)"=""
"Segoe UI Bold Italic (TrueType)"=""
"Segoe UI Italic (TrueType)"=""
"Segoe UI Light (TrueType)"=""
"Segoe UI Semibold (TrueType)"=""
"Segoe UI Symbol (TrueType)"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes]

"Segoe UI"="NEW-FONT"

All the way to the bottom where it says: "Segoe UI"="NEW-FONT", change NEW-FONT with the font name that you have chosen or installed in the previous step. For example: "Segoe UI"="Ubuntu".

Now go to File > Save As and name your file however you want but give it REG extension so it looks like: my_new_windows_font.REG

Apply changes

Now that you have your registry entry saved, locate it and double-click on it, at this stage Windows warning will probably pop up, you can just ignore it and click on YES since you wrote the file and know what it is. After registry entry is applied reboot your PC in order for changes to take effect.

Rolling back

If you want to change the font to another one, just repeat this procedure again. If you want to roll back to using the default Windows font, repeat the process but with this code instead of the one provided in the REG file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Segoe UI (TrueType)"="segoeui.ttf"
"Segoe UI Black (TrueType)"="seguibl.ttf"
"Segoe UI Black Italic (TrueType)"="seguibli.ttf"
"Segoe UI Bold (TrueType)"="segoeuib.ttf"
"Segoe UI Bold Italic (TrueType)"="segoeuiz.ttf"
"Segoe UI Emoji (TrueType)"="seguiemj.ttf"
"Segoe UI Historic (TrueType)"="seguihis.ttf"
"Segoe UI Italic (TrueType)"="segoeuii.ttf"
"Segoe UI Light (TrueType)"="segoeuil.ttf"
"Segoe UI Light Italic (TrueType)"="seguili.ttf"
"Segoe UI Semibold (TrueType)"="seguisb.ttf"
"Segoe UI Semibold Italic (TrueType)"="seguisbi.ttf"
"Segoe UI Semilight (TrueType)"="segoeuisl.ttf"
"Segoe UI Semilight Italic (TrueType)"="seguisli.ttf"
"Segoe UI Symbol (TrueType)"="seguisym.ttf"
"Segoe MDL2 Assets (TrueType)"="segmdl2.ttf"
"Segoe Print (TrueType)"="segoepr.ttf"
"Segoe Print Bold (TrueType)"="segoeprb.ttf"
"Segoe Script (TrueType)"="segoesc.ttf"
"Segoe Script Bold (TrueType)"="segoescb.ttf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes]
"Segoe UI"=-
Read More
Remove EliteUnzip from your computer

EliteUnzip is a program developed by Mindspark Interactive. This program lets you compress and extract all the popular archive types.

From the Author:

Elite Unzip is a program for creating and extracting archive files; it has support for over 20 file formats. This application downloads onto your computer in two parts: one for your desktop, and one for your browser. They both work together to make packing and unpacking archive files easy.

While EliteUnzip itself is not a threat, it comes bundled with other software that might cause a problem to your computer.

Due to its bundled nature, several anti-virus scanners have marked EliteUznip as a Potentially Unwanted Program and is therefore not recommended to keep on y our computer, especially because there are other free programs that do the same functions without the additional bundled software.

About Potentially Unwanted Applications

Precisely what is a Potentially Unwanted Program (PUP)?

Have you ever found out an unwanted program running on your computer and wondered how the heck it got there? These unwanted programs, which are known as Potentially Unwanted Programs, or PUPs in short, often tag along as a software bundle when downloading the program and can result in major problems for computer users. It’s clear by the name – unwanted programs – but did not really constitute “malware” in the traditional sense. The reason for this is that the majority of PUPs enter into users’ computers not because they exploit security weaknesses, for instance, but mainly because the users give consent to download it – unknowingly in many instances. No matter whether it is regarded as malware or otherwise, PUPs are almost always bad for a computer owner as they might bring on adware, spyware, keystroke logging, and other nasty “crapware” features on your PC.

What do PUPs do on your computer, precisely?

Most Potentially Unwanted Programs comes in the form of adware, which generally aims to exhibit lots of annoying pop-up ads, banners, coupons, and deals on websites you explore. PUPs that come in the form of browser add-ons and toolbars are widely identifiable. They may track your online activities, redirect your search results to risky sites where adware and spyware can be downloaded, hijack your home page, and slow your browser down to a crawl. PUPs carry a dangerous bite if left behind unchecked. The worst part of setting up a PUP is the spyware, adware, and keystroke loggers that could hide inside. These are programs that don’t do anything good for you; in addition to taking over space on the hard disk, they will also slow down your PC, often change settings without your permission, and the list of bothersome features goes on and on.

Protect yourself from unwanted programs

• When installing anything on your desktop, always read the fine print, like the license agreement. Don’t accept terms of use that are for bundled applications. • Normally, when installing a software program you get two options, ‘Standard Installation’ and ‘Custom Installation’. Don’t opt for ‘Standard’ as unwanted programs might automatically be installed that way! • Use good anti-malware software. Try Safebytes Anti-malware which can spot PUPs and treat them as malware by flagging them for deletion. • Be alert when you download and install freeware, open-source programs, or shareware. Nowadays ‘freeware’ isn’t actually freeware – but crapware bundling nonsense. • Only use official product sites for downloading applications. Steer clear of download websites altogether since most websites compel users to download the program with their own download manager, which is often bundled up with some kind of PUPs.

Virus Blocking Access To Safebytes Site And Preventing Anti-Malware Downloads – What You Should Do?

All malware is inherently unsafe, but certain kinds of malicious software do a lot more damage to your computer or laptop than others. Some malware variants alter browser settings by adding a proxy server or change the computer’s DNS configuration settings. When this happens, you will be unable to visit some or all of the sites, and therefore unable to download or install the necessary security software to eliminate the malware. If you are reading this, chances are you’re stuck with a virus infection that is preventing you to download and install Safebytes Anti-Malware software on your computer. There are some actions you can take to circumvent this issue.

Install in Safe Mode

In the event the malware is set to run at Windows start-up, then booting in safe mode should avoid it. Since only the minimal applications and services start-up in safe mode, there are hardly any reasons for conflicts to happen. The following are the steps you should follow to start your computer into the Safe Mode of your Windows XP, Vista, or 7 computers (go to Microsoft site for directions on Windows 8 and 10 computers). 1) Tap the F8 key continuously as soon as your computer boots, however, before the large windows logo comes up. This should bring up the Advanced Boot Options menu. 2) Make use of the arrow keys to select Safe Mode with Networking and press ENTER. 3) Once you get into this mode, you should have internet access once again. Now, obtain the malware removal software you need by using the web browser. To install the program, follow the guidelines in the setup wizard. 4) Following installation, run a full scan and let the program eliminate the threats it finds.

Download the antivirus software in a different internet browser

Some malware mainly targets particular browsers. If this sounds like your case, make use of another internet browser as it may circumvent the virus. If you appear to have malware attached to Internet Explorer, then switch over to a different browser with built-in safety features, such as Firefox or Chrome, to download your favorite anti-malware program – Safebytes.

Install antivirus on a thumb drive

Here’s yet another solution which is utilizing a portable USB anti-malware software package that can check your system for malware without needing installation. Adopt these measures to use a flash drive to clean your infected system. 1) Download the anti-malware on a virus-free computer. 2) Plug the pen drive into the uninfected computer. 3) Double click on the exe file to open the installation wizard. 4) When asked, select the location of the pen drive as the place where you want to store the software files. Follow the directions to complete the installation process. 5) Transfer the thumb drive from the uninfected computer to the infected PC. 6) Double-click the anti-malware software EXE file on the thumb drive. 7) Click on “Scan Now” to run a scan on the affected computer for viruses.

Benefits and Features of SafeBytes Anti-Malware

If you are looking to purchase anti-malware for your PC, there are various brands and applications for you to consider. A few of them are great and some are scamware applications that pretend as authentic anti-malware software waiting to wreak havoc on your computer. You need to pick a tool that has gained a good reputation and detects not only computer viruses but other types of malware as well. When considering commercial application options, many people opt for popular brands, such as SafeBytes, and are very happy with them. SafeBytes anti-malware is really a powerful, highly effective protection application intended to help users of all levels of IT literacy in finding and removing harmful threats out of their computer. This application could easily identify, remove, and protect your computer from the most advanced malware intrusions such as adware, spyware, trojan horses, ransomware, worms, PUPs, as well as other possibly damaging software applications.

There are lots of great features you’ll get with this security product. Below are a few of the best ones:

Real-Time Protection: SafeBytes provides real-time active monitoring service and protection against all known computer viruses and malware. It will monitor your personal computer for suspicious activity regularly and shields your personal computer from unauthorized access. Best AntiMalware Protection: Safebytes is built on the very best virus engine in the industry. These engines will find and remove threats even during the early phases of a malware outbreak. Fast Multi-threaded Scanning: SafeBytes’s virus scan engine is one of the quickest and most efficient in the industry. It's targeted scanning substantially increases the catch rate for viruses that are embedded in various PC files. Web Protection: SafeBytes inspects the links present on a webpage for possible threats and tells you whether the website is safe to view or not, through its unique safety rating system. Light-weight: SafeBytes is well known for its minimal impact on computer resources and great detection rate of numerous threats. It operates quietly and efficiently in the background so you’re free to make use of your PC at full power all of the time. Premium Support: SafeBytes gives you 24/7 technical support, automatic maintenance, and upgrades for the best user experience. SafeBytes has created a wonderful anti-malware solution to help you conquer the latest malware threats and virus attacks. Once you have downloaded and installed SafeBytes Anti-Malware, you will no longer have to bother about malware or other security concerns. So if you want sophisticated forms of protection features & threat detections, purchasing SafeBytes Anti-Malware will be worth the money!

Technical Details and Manual Removal (Advanced Users)

To remove EliteUnzip manually, go to the Add/Remove programs list in the Control Panel and choose the program you want to get rid of. For internet browser plug-ins, go to your browser’s Addon/Extension manager and select the plug-in you want to remove or disable. You will additionally also want to totally reset your internet browser to its default settings. To make sure of complete removal, find the following Windows registry entries on your system and remove it or reset the values appropriately. However, this is often a tricky task and only computer professionals could perform it safely. Also, certain malware is capable of replicating itself or preventing its deletion. Carrying out this malware-removal process in Safe Mode is suggested.
Files: %PROGRAMFILES%\EliteUnzip_aa\bar.bin\aaSrcAs.dll %PROGRAMFILES(x86)%\EliteUnzip_aa\bar.bin\aabar.dll %PROGRAMFILES%\EliteUnzip_aa\bar.bin\aaHighIn.exe %PROGRAMFILES(x86)%\EliteUnzip_aa\bar.bin\CrExtPaa.exe %USERPROFILE%\Application Data\EliteUnzip_aa %USERPROFILE%\AppData\LocalLow\EliteUnzip_aa %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gaklecphgkijookgheachpgdkeminped %LOCALAPPDATA%\EliteUnzip_aa %USERPROFILE%\Meus documentos\Downloads\EliteUnzipSetup.EliteUnzip_aa.ffjcmnpnoopgilmnfhloocdcbnimmmea.ch.exe %PROGRAMFILES(x86)%\aaUninstall Elite Unzip.dll %USERPROFILE%\Downloads\EliteUnzipSetup.exe C:\Program Files\EliteUnzip\EliteUnzip.exe Search And Delete: RebootRequired.exe IAC.UnifiedLogging.dll DesktopSdk.dll IAC.Helpers.dll UnifiedLogging.dll SevenZipSharp.dll 7z.dll 7z64.dll LogicNP.FileView.WPF.dll LogicNP.FolderView.WPF.dll LogicNP.ShComboBox.WPF.dll lua5.1.dll Registry: HKEY_CURRENT_USER\Software\AppDataLow\Software\EliteUnzip_aa HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip EPM Support HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip Search Scope Monitor HKEY_CURRENT_USER\Software\EliteUnzip_aa HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar, value: ef55cb9f-2729-4bff-afe5-ee59593b16e8 HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip AppIntegrator 64-bit HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip EPM Support HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip Search Scope Monitor HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip AppIntegrator 32-bit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, value: EliteUnzip AppIntegrator 64-bit HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\EliteUnzip_aaService HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EliteUnzip_aaService HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\EliteUnzip_aaService HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, value: EliteUnzip_aabar Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EliteUnzip_aa HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mindspark\EliteUnzip HKEY_LOCAL_MACHINE\SOFTWARE\Mindspark\EliteUnzip
Read More
How to Obliterate PyLocky Ransomware

What is PyLocky ransomware? And how does it execute its attack?

PyLocky ransomware is a file-locking malware created in order to lock important files and demand ransom from victims in exchange for data recovery. This new ransomware uses the .lockymap extension in marking the files it encrypts. It starts to execute its attack by dropping the following malicious payload in the system:
Name: facture_4739149_08.26.2018.exe SHA256:8655f8599b0892d55efc13fea404b520858d01812251b1d25dcf0afb4684dce9 Size: 5.3 MB
After dropping its malicious payload, this crypto-malware connects the infected computer to a remote server where it downloads more malicious files and places them on system folders. It then applies a data gathering module used to gather data about the user and the computer. The malicious files that were downloaded earlier along with the data obtained are used for another module called stealth protection. This allows PyLocky ransomware to execute its attack without detection from any security or antivirus programs installed in the system. It also modifies some registry keys and entries in the Windows Registry such as:
  • HKEY_CURRENT_USERControl PanelDesktop
  • HKEY_USERS.DEFAULTControl PanelDesktop
  • HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun
  • HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce
Once all the modifications are carried out, PyLocky ransomware will begin encrypting its targeted files using a sophisticated encryption cipher. Following the encryption, it adds the .lockymap extension to each one of the encrypted files and releases a ransom note named “LOCKY-README.txt” which contains the following content:
“Please be advised: All your files, pictures document and data has been encrypted with Military Grade Encryption RSA ABS-256. Your information is not lost. But Encrypted. In order for you to restore your files, you have to purchase a Decrypter. Follow these steps to restore your files. 1* Download the Tor Browser. ( Just type in google “Download Tor“ 2‘ Browse to URL: http://4wcgqlckaazungm.onion/index.php 3* Purchase the Decryptor to restore your files. It is very simple. If you don’t believe that we can restore your files, then you can restore 1 file of image format for free. Be aware the time is ticking. Price will be doubled every 96 hours so use it wisely. Your unique ID : CAUTION: Please do not try to modify or delete any encrypted file as it will be hard to restore it. SUPPORT: You can contact support to help decrypt your files for you. Click on support at http://4wcgqlckaazungm.onion/index.php”

How does PyLocky ransomware spread over the web?

PyLocky ransomware spreads using malicious spam email campaigns. Creators of this threat embed an infected attachment to spam emails and send them using a spambot. Crooks may even use deceptive tactics to trick you into opening the malware-laden immediately which is something you must not do. Thus, before opening any emails, make sure that you’ve thoroughly checked them. To successfully obliterate PyLocky ransomware from your computer, refer to the removal guide laid out below.
  • Step 1: Launch the Task Manager by simply tapping Ctrl + Shift + Esc keys on your keyboard.
  • Step 2: Under the Task Manager, go to the Processes tab and look for the process named facture_4739149_08.26.2018.exe and any suspicious-looking process which takes up most of your CPU’s resources and is most likely related to PyLocky ransomware.
  • Step 3: After that, close the Task Manager.
  • Step 4: Tap Win + R, type in appwiz.cpl and click OK or tap Enter to open Control Panel’s list of installed programs.
  • Step 5: Under the list of installed programs, look for PyLocky ransomware or anything similar, and then uninstall it.
  • Step 6: Next, close the Control Panel and tap Win + E keys to launch File Explorer.
  • Step 7: Navigate to the following locations below and look for PyLocky ransomware’s malicious components such as facture_4739149_08.26.2018.exe and LOCKY-README.txt as well as other suspicious files, then delete all of them.
%TEMP% %WINDIR%System32Tasks %APPDATA%MicrosoftWindowsTemplates %USERPROFILE%Downloads %USERPROFILE%Desktop
  • Step 8: Close the File Explorer.
  • Step 9: Tap Win + R to open Run and then type in Regedit in the field and tap enter to pull up Windows Registry.
  • Step 10: Navigate to the following path:
HKEY_CURRENT_USERControl PanelDesktop HKEY_USERS.DEFAULTControl PanelDesktop HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce
  • Step 11: Delete the registry keys and sub-keys created by PyLocky ransomware.
  • Step 12: Close the Registry Editor and empty the Recycle Bin.
Try to recover your encrypted files using the Shadow Volume copies Restoring your encrypted files using Windows Previous Versions feature will only be effective if PyLocky ransomware hasn’t deleted the shadow copies of your files. But still, this is one of the best and free methods there is, so it’s definitely worth a shot. To restore the encrypted file, right-click on it and select Properties, a new window will pop up, then proceed to Previous Versions. It will load the file’s previous version before it was modified. After it loads, select any of the previous versions displayed on the list like the one in the illustration below. And then click the Restore button.
Read More
Fixing Windows 10 stuck at “Preparing Security Options”
There are cases when your Windows 10 PC can encounter an issue where it gets stuck and will display a message that says, “Preparing Security Options”. If this is happening to your Windows 10 PC, you won’t be able to use your keyboard or even mouse and your screen will only be stuck on the screen as mentioned above. As your computer is still stuck, you will be left with no choice but to shut it down and restart it. Tap the F11 key as soon as your PC powers on. This will take you to the Advanced Startup options where you can carry out some steps. If it still didn’t work, you have to boot your Windows 10 PC into Safe Mode and then try out the troubleshooting options below.

Option 1 – Try using System Restore

You can do this option either by booting into Safe Mode or in System Restore. If you are already in the Advanced Startup Options, just directly select System Restore and proceed with the next steps. And if you have just booted your PC into Safe Mode, refer to the steps below.
  • Tap the Win + R keys to open the Run dialog box.
  • After that, type in “sysdm.cpl” in the field and tap Enter.
  • Next, go to the System Protection tab then click the System Restore button. This will open a new window where you have to select your preferred System Restore point.
  • After that, follow the on-screen instructions to finish the process and then restart your computer and check if the problem is fixed or not.

Option 2 – Uninstall the Windows Updates you’ve installed recently

The issue could be caused by Windows Updates so you need to check if it’s indeed the case. The best way you can do so is via Safe Mode.
  • Boot your PC into Safe Mode and then tap the Win + I keys to open Settings.
  • After that, click on Update and Security and then select Windows Update from the left side menu column.
  • Next, select the “View installed update history” option on the right-side column and click on Uninstall Updates which will open a window that will show the list of all the installed updates on your PC.
  • From there, select the update you want to uninstall and click the Uninstall button located in the lower right corner of the window.

Option 3 – Try disabling the Fast Startup

  • Boot your PC into Safe Mode.
  • Then tap the Win + R keys to open the Run dialog box.
  • Next, type in “control” to open Control Panel.
  • After that, select Hardware and Sound and click on Power Options.
  • Select “Choose what the power buttons do” from the left side menu pane and click on Change settings that are currently unavailable.
  • Afterward, uncheck the “Turn on fast startup (Recommended)” entry and click on Save Changes.
  • Now restart your PC and check if the problem’s fixed.

Option 4 – Try running both the SFC scan and CHKDSK utility

You can do both SFC and CHKDSK using Safe Mode and Advanced Startup options. For Advanced Startup options, click on the Command Prompt option and proceed with the steps. And if you have booted your computer into Safe Mode, follow these steps:
  • Tap the Win + X keys or right-click on the Start button and click Command Prompt (admin).
  • After that, type in this command and tap Enter to run the System File Checker or SFC – “Sfc /scannow”.
  • Alternatively, you can use this command instead if the previous command didn’t work – “sfc /scannow /offbootdir=c: /offwindir=c:windows”.
  • Wait until the SFC scan is done with the process and then restart your PC.
  • Next, run the CHKDSK utility and once it’s done checking your disk for errors and then reboot your PC to save the changes made.

Option 5 – Try resetting Windows 10

You can reset your Windows 10 PC using either the Advanced Startup Options or by booting into Safe Mode.
  • Tap the Win + I keys and go to Update and Security > Recovery.
  • Then click on Get Started under the Reset this PC section.
  • After that, follow the on-screen instructions with how you want to reset your PC and what files and settings you want to revert.
  • Then it will reset your PC by reinstalling it

Option 6 – Try to rename the SoftwareDistribution folder

In this option, the Command Prompt is supposed to be like the one in option 4. You can use both ways there to open the Command Prompt.
  • Open an elevated Command Prompt as admin and type in the commands below and tap Enter right after you typed in each one of them
  • net stop wuauserv
  • net stop bits
  • rename c:windowsSoftwareDistribution SoftwareDistribution.bak
  • net start wuauserv
  • net start bits
Note: You can also rename the SoftwareDistribution folder to “SoftwareDistribution.bak” or “SoftwareDistribution.old” after you boot your PC into Safe Mode.

Option 7 – Try rebuilding BCD

Rebuilding the BCD can help you in fixing the stuck Windows 10.
  • You can start by booting into the installation environment for Windows 10 from an installation media.
  • After that, click on Repair your computer and on the blue screen, select Troubleshoot and then select the Advanced options menu.
  • Next, select Command Prompt and type in the commands below one by one, and tap Enter right after you do so.
  • exe /FixMbr
  • exe /FixBoot
    • exe /RebuildBcd

Read More
What is USB Kill Kit

USB Kill, a USB device is able to fry and damage your computer, mobile phone, router, etc. This device is quite dangerous and can kill electronics the moment it is inserted into an available port. By now people should know that they should not put unknown USB sticks into their devices because of potential virus and malware threats but this raises using unknown sticks to a whole new level.

usb kill kit

Kill kits are not really new to the market, they have existed before but lately, technology really progressed and the latest USB sticks are really good, their success rate is around 95% which is pretty high and should not be taken lightly.

The second thing that you really should not play with strange USB sticks is that they dropped in price really hard, although top Kill kits will still go as high as around 300 USD, there are really cheap ones lurking in Ali Express that are just 6 USD!!! that makes them affordable devices for the mass market.

The device is made to take energy and current from the port it is plugged in, multiply it and release its charge back into the device, successfully frying some components immediately. Some more professional Kill sticks can even fry devices even when the device itself is not powered and can be even started remotely.

The point of this article is to make you aware that you should not in any kind of circumstances use and plug-in USB sticks into your devices that you do not know where they come from, especially from the mail!!

Read More
How to remove GoodShop Landing

GoodShopLanding is a browser extension for Google Chrome, Mozilla Firefox, and Safari. This extension offers the latest coupons from a range of variety stores. While this may seem useful, this extension only offers coupons from sponsored stores, not all coupons available, so the only coupons that you will get are from the Extensions Ad network. You may see additional new tabs opening randomly while browsing the internet, these tabs are opened by GoodShopLanding and usually contain last-minute store deals.

As it is often distributed via potentially unwanted advertising, and impacts browser performance in a way that many users do not want, it is classified as a Browser Hijacker and thus flagged for optional removal. From the Author:
Shop online? Here’s your free automatic coupon finder, Gumdrop. Never miss a coupon again Gumdrop automatically applies the best coupons for you at checkout. Get the best deals anywhere With over 500,000 coupons, Gumdrop finds deals for thousands of stores, including Amazon, Expedia, and Papa John’s.

About Browser Hijackers

Browser hijackers (sometimes called hijackware) are a kind of malicious software that alters internet browser configurations without the computer owner’s knowledge or consent. These hijacks appear to be increasing at an astonishing rate around the globe, and it could be truly nefarious and sometimes harmful too. There are numerous reasons why you may have a browser hijack; but commercial, marketing, and advertising are definitely the primary purposes for their creation. Often, hijackers will force hits to sites of their choice either to increase traffic generating higher advertisement revenue, or to gain a commission for every user visiting there. However, it isn’t that harmless. Your web safety is jeopardized and it is extremely irritating. They not only mess up your web browsers, but browser hijackers can also modify the system registry, leaving your computer vulnerable to various other attacks.

Indications of browser hijack

There are many symptoms that indicate the browser is highjacked: your homepage is reset to some mysterious site; bookmark and the new tab are likewise changed; The default search page of web browser is changed; unwanted new toolbars are added to your web browser; you may see never-ending pop-up ads on your computer screen; web pages load very slowly and sometimes incomplete; you’re disallowed access to certain webpages, such as the site of an antimalware software developer like SafeBytes.

How they get into the computer

A browser hijacker can be installed on your computer if you go to an infected website, click an e-mail attachment, or download something from a file-sharing website. They can also be deployed via the installation of an internet browser toolbar, add-on, or extension. Browser hijackers sneak into your pc along with free software application downloads that you unknowingly install along with the original. A good example of some well-known browser hijackers includes Babylon, Anyprotect, Conduit, DefaultTab, SweetPage, RocketTab, and Delta Search, but the names are often changing. Browser hijackers may record user keystrokes to collect potentially invaluable information that leads to privacy issues, cause instability on computers, significantly disrupt user’s browsing experience, and finally slow down the computer to a stage where it will become unusable.

How you can get rid of browser hijackers

Certain browser hijacking can be simply corrected by identifying and removing the corresponding malware program from your control panel. Unfortunately, most of the software programs utilized to hijack a web browser are intentionally designed to be hard to remove or detect. Moreover, manual removal requires you to carry out many time-consuming and intricate steps which are tough to conduct for new computer users. Installing and running anti-malware software on the affected computer can automatically delete browser hijackers as well as other malicious applications. If you want to remove persistent browser hijackers quickly and effectively, install the top-rated Anti-Malware program Safebytes Anti-Malware. Along with anti-virus software, a system optimizer program can help you fix registry errors, get rid of unwanted toolbars, secure internet privacy, and enhance overall computer performance.

What you can do if Malware Stops You From Downloading Anti-virus?

Malware could cause all kinds of damage when they invade your system, from stealing your private information to deleting data files on your computer. Some malware sits in between the computer and the internet connection and blocks some or all sites that you really want to visit. It could also block you from adding anything to your machine, especially antivirus applications. If you are reading this, you may have got infected by malware that stops you from installing a computer security application like Safebytes Anti-Malware. Do as instructed below to get rid of the malware in alternate ways.

Download the application in Safe Mode with Networking

If the malware is set to load immediately when Microsoft Windows starts, entering Safe Mode could very well block the attempt. Since only the bare minimum applications and services start-up in safe mode, there are seldom any reasons for issues to take place. Here are the steps you should follow to boot into the Safe Mode of your Windows XP, Vista, or 7 computers (go to Microsoft site for instructions on Windows 8 and 10 computers). 1) At power-on/startup, press the F8 key in 1-second intervals. This will conjure up the “Advanced Boot Options” menu. 2) Use the arrow keys to select Safe Mode with Networking and hit ENTER. 3) When this mode loads, you should have internet access. Now, use your internet browser normally and navigate to https://safebytes.com/products/anti-malware/ to download Safebytes Anti-Malware. 4) Immediately after installation, do a full scan and allow the program to delete the threats it discovers.

Switch over to an alternate browser

Malicious program code could exploit vulnerabilities in a particular internet browser and block access to all anti-virus software sites. If you seem to have a virus attached to Internet Explorer, then switch over to an alternate web browser with built-in safety features, such as Firefox or Chrome, to download your favorite antivirus program – Safebytes.

Create a portable antivirus for removing malware

Another solution is to make a portable antivirus program on your USB stick. Adopt these measures to use a USB flash drive to fix your corrupted computer system. 1) Download Safebytes Anti-Malware or MS Windows Defender Offline onto a virus-free computer system. 2) Plug the USB drive into the clean PC. 3) Double-click the Setup icon of the antivirus software package to run the Installation Wizard. 4) Pick a USB flash drive as the location when the wizard asks you where you intend to install the software. Follow the directions to complete the installation process. 5) Remove the USB drive. You may now utilize this portable antivirus on the infected computer system. 6) Double click the Safebytes Anti-malware icon on the thumb drive to run the program. 7) Click the “Scan Now” button to begin the virus scan.

Let's Talk About SafeBytes Anti-Malware!

If you’re looking to download anti-malware software for your PC, there are numerous tools in the market to consider nonetheless, you cannot trust blindly anyone, regardless of whether it is paid or free program. Some of them are good but there are several scamware applications that pretend as legit anti-malware programs waiting to wreak havoc on your personal computer. When looking for antimalware software, pick one that provides solid, efficient, and total protection against all known computer viruses and malware. When thinking about reliable software programs, Safebytes AntiMalware is undoubtedly the highly recommended one. SafeBytes anti-malware is a powerful, highly effective protection tool made to help users of all levels of IT literacy in identifying and eliminating harmful threats from their personal computers. Once you’ve got installed this tool, SafeBytes superior protection system will ensure that no viruses or malicious software can seep through your PC. SafeBytes carries a variety of amazing features which can help you protect your PC from malware attack and damage. Listed below are some of the good ones: Real-time Threat Response: SafeBytes delivers complete and real-time security for your PC. It’ll monitor your personal computer for suspicious activity at all times and safeguards your PC from unauthorized access. Robust, Anti-malware Protection: With a critically acclaimed malware engine, SafeBytes gives multilayered protection which is made to catch and eliminate viruses and malware that are hidden deep inside your computer’s operating system. Fast Scan: Safebytes Anti-Malware, using its enhanced scanning engine, offers extremely fast scanning which can promptly target any active online threat. Safe Browsing: SafeBytes inspects the links present on a webpage for possible threats and alerts you if the site is safe to visit or not, through its unique safety rating system. Light-weight Tool: This software program is not “heavy” on the computer’s resources, so you’ll not see any performance troubles when SafeBytes is working in the background. 24/7 Online Technical Support: For any technical issues or product guidance, you could get 24/7 professional assistance through chat and email. To sum it up, SafeBytes Anti-Malware provides excellent protection combined with very low system resource usage with both great malware detection and prevention. You can be sure that your computer system will be protected in real-time once you put this software program to use. So if you’re searching for the absolute best malware removal application out there, and when you don’t mind shelling out some money for it, go for SafeBytes Anti-Malware.

Technical Details and Manual Removal (Advanced Users)

If you wish to do the removal of GoodShop Landing manually instead of employing an automated tool, you can follow these measures: Navigate to the Windows Control Panel, click the “Add or Remove Programs” and there, select the offending program to remove. In cases of suspicious versions of browser extensions, you can actually get rid of it through your browser’s extension manager. You will likely also want to reset your browser. To be certain of complete removal, find the following registry entries on your computer and remove them or reset the values appropriately. Please note that this is for professional users only and might be difficult, with wrong file removal leading to additional system errors. Additionally, certain malicious programs are capable to defend against its deletion. Doing this malware-removal process in Safe Mode is suggested.
Read More
Facebook messengers alternatives
People are becoming more and more concerned with their privacy and Facebook's flagship messaging application is caught between it all. While still widely popular it has becoming to lose its ground due to many unanswered questions about privacy encryption. Lucky for all of us there are alternatives for more secure messaging.

SIGNAL

Arguably the most secure of all well-regarded messaging apps, Signal is the favorite of the European Commission, as well as newsrooms around the world. While Signal doesn’t disclose how many daily or monthly users the app has, Google’s Play Store says it has been installed more than 50 million times. While using Signal, each voice or video call connected through the app includes full end-to-end encryption. Signal takes an extra step by hiding message metadata so that the location of the original message is missing. While it asks for your mobile number, that number isn’t used with your profile. Instead, it acts as a numeric username. Once registered, you will find 1-1 chat, audio, and video calls, disappearing or “secret” chats, and a privacy lock so nobody can access the app even if they have your phone. Best of all, it’s completely free to use.

TELEGRAM

One of the biggest competitors to Facebook Messenger (and WhatsApp), Telegram is a very strong alternative. With more than 400 million users, it offers an interface that should feel right at home for anyone coming from Messenger. Telegram offers some huge benefits over Messenger, including features like groups that can hold up to 200,000 members for a chat. There is no limit on your media or chat size, and you can share all types of files between users and in groups. From a privacy standpoint, Telegram has robust security, but it is worth noting that only “secret” messages are end-to-end encrypted and can self-destruct. Non-secret messages can be stored on Telegram’s servers so you can pick them up between your devices quickly. That’s a consideration worth knowing prior to making Telegram your default Messenger replacement. Telegram is free across all platforms.

THREEMA

Rising in popularity, Threema is another privacy-focused alternative that has quickly become a competitor to Facebook Messenger. This paid service ($2.99 on both App Store and Play Store) is a pay-once, use forever option. Once you pay the small fee, you gain all of Threema’s touted privacy options, like open-source end-to-end encryption for both messages and calls. Like Signal, Threema won’t require you to link any phone numbers or emails to your account. All chats are handled anonymously, and the service generates a random user ID when you first open and register for the app. No data is collected from any of your chats and no ads are shown. The Swiss-made app does have its own servers hosted in Switzerland, which do not store any chat messages. Another privacy benefit of Threema is the notion that all of your contact lists, groups, and user profiles are hosted on your device, not on the Swiss servers. Because of that, Threema can once again state that none of your personal info is stored anywhere they have access.
Read More
Fix Defender, The Threat Service has stopped
There are times when you see a message in Windows Defender saying, “The Threat Services has stopped, Restart it now” when you try to use it. This kind of error is usually fixed by simply clicking on the Restart now button. However, if the error still appears even after you restart your computer and you see another message that says, “Unexpected error, Sorry, we ran into a problem”, then continue reading as this post will guide you in resolving this issue in Windows Defender. Before you proceed with the given fixes below, you have to create a System Restore point first. This way, you can always undo any changes you’ve made in case something goes wrong.

Option 1 – Make sure that the Windows Defender Services are started

The Windows Defender Advanced Threat Protection service is the one that protects your computer from advanced threats by monitoring and reporting security events that happen on your computer. This is why you have to make sure that this, as well as other required services in Windows Defender, are set to their default values and are started. To do so, follow these steps:
  • In the Cortana search box, type “services” and click on the Services icon to open the Services Manager. Alternatively, you can also tap the Win + R keys to launch the Run prompt and then type “services.msc” in the field and hit Enter to open the Services Manager
  • After opening the Services Manager, look for the following services and make sure that their Startup type is set to their default values:
    • Windows Defender Advanced Threat Protection Service – Manual
    • Windows Defender Antivirus Network Inspection Service – Manual
    • Windows Defender Antivirus Service – Manual
    • Windows Defender Firewall Service – Automatic
  • You can right-click on each one of the listed services and then select Start to start them.
  • And if some of the services don’t have their default values, just double-click on the Services to change the Startup types and select the correct option from the drop-down menu of the Startup type under the Properties box.
  • Next, set up the Startup type of these services to Automatic and then click on the Start button if the services are not running yet.
  • Now click on the Apply and OK buttons to save the changes made and then see if it fixed the problem or not.

Option 2 – Try modifying some entries in the Windows Registry

If the first option didn’t work in fixing the problem, you can try to alter some entries in the Windows Registry using the Registry Editor.
  • First, tap Win + R keys to open the Run dialog box.
  • Then type “Regedit” in the field and hit Enter to open the Registry Editor.
  • Next, navigate to this registry path: HKLMSoftwarePoliciesMicrosoftWindows Defender
  • From there, look for the “DisabledAntivirus” and “DisableAntiSpyware” DWORDS from the right pane and change each one of their values to “0”. On the other hand, if you don’t see any of these DWORDS, you can create them instead and give each one of them a 0 value.
  • To create a DWORD, simply right-click on any empty space and select New > DWORD. Then name them both as “DisabledAntivirus” and “DisableAntiSpyware”.
  • Afterward, set the value of the newly-created DWORDS to 0.
  • Now exit the Registry Editor and reboot your PC to apply the changes made and then check if it has fixed the error in Windows Defender or not.
Read More
Start Search is not displaying results
If you have just installed the latest Cumulative Update on your Windows 10 computer and you find that since then, the Windows 10 Start Search is not displaying any results when you try to use it to search for something in your computer, then this post might help as it will give you some suggestions to fix the problem. This problem might be caused by some bugs brought in by the new cumulative update you’ve installed. It is also possible that Cortana is having some issues or that the Windows Search service hasn’t been initialized. Whatever the cause is, here are some suggestions you need to follow to fix this issue. You can try running the Search and Indexing troubleshooter or configure the
  1. Run Search and Indexing Troubleshooter
  2. Configure the Windows Firewall
  3. Reinstall Cortana.

Option 1 – Try to run the Search and Indexing troubleshooter

The first thing you can do is to run the Search and Indexing troubleshooter in Windows 10 as it checks whether the settings for Cortana are in place and automatically corrects any issues if the update or software installation has changed the settings. To run it just click on the Start button and select Settings > Updates and Security > Troubleshoot. From there, select the Search and Indexing Troubleshooter.

Option 2 – Restart Cortana’s process in the Task Manager

Restarting Cortana’s process in the Task Manager could also help you resolve the problem. Refer to the steps given below to do so.
  • Tap the Ctrl + Alt + Del keys to open the Security options window.
  • From there, look for the Task Manager in the given list and open it.
  • Next, look for the process of Cortana and right-click on it, and then select the End Task option to end its process.
  • After that, the Cortana process will restart by itself and re-initialize.

Option 3 – Try resetting Cortana

  • Open Cortana and go to the Settings section where you’ll see the “Turning off Cortana clears what Cortana knows on this device, but won’t delete anything from the Notebook. After Cortana is off, you can decide what you’d like to do with anything still stored in the cloud” option. Turn this option off.
  • Restart your PC.
  • After your computer boots, launch Cortana again and check.

Option 4 – Try to configure the Windows Firewall

  • Tap the Win + Fn + Shift (Pause) keys to open Control Panel.
  • From there, open the Windows Defender Firewall applet and click on the Advanced Settings to open the Windows Firewall with the Advanced Security panel.
  • Next, click on the Outbound Rules section and look for Cortana and then double click on it to open its Properties.
  • After that, make sure that the “Allow the connection” is selected although this is the default working setting.

Option 5 – Try to reinstall Cortana

If none of the options given above works, you must consider reinstalling Cortana.
  • First, right-click on the Taskbar and select the Task Manager.
  • Next, select File menu > Run new task and type “Powershell” in the field and then select the “Create this task with administrative privileges” option.
  • Click on OK to open the PowerShell console.
  • After that, type the following command and hit Enter to execute it:
Get-AppXPackage -Name Microsoft.Windows.Cortana | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)AppXManifest.xml"}
  • Restart your computer and check if the Windows Start Search is now working.
Read More
1 2 3 171
Logo
Copyright © 2023, ErrorTools. All Rights Reserved
Trademark: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: ErrorTools.com is not affiliated with Microsoft, nor claims direct affiliation.
The information on this page is provided for information purposes only.
DMCA.com Protection Status