Logo

Automatically restart apps when you sign back

If you wish to continue where you have left off when you signed out of Windows follow this guide and learn how to continue your work after signing in, restart apps in your Windows.

You can set Windows 10 to Automatically save your restartable apps when you sign out and restart them after you sign in. Here’s how:

  1. Right-click on the Windows logo to open the secret menu
  2. Select Settings
  3. Click open Accounts
  4. From the left side, select Sign-in options
  5. Scroll down till you see Restart apps setting
  6. Toggle the Automatically save your restartable apps when you sign out and restart them after you sign in setting to On position

Do You Need Help with Your Device?

Our Team of Experts May Help
Troubleshoot.Tech Experts are There for You!
Replace damaged files
Restore performance
Free disk space
Remove Malware
Protects WEB browser
Remove Viruses
Stop PC freezing
GET HELP
Troubleshoot.Tech experts work with all versions of Microsoft Windows including Windows 11, with Android, Mac, and more.

Share this article:

You might also like

How to Fix Error Code 0xC004C003 When Installing Windows 10

What is Error Code 0xC004C003?

Error code 0xC004C003 has to do with activating Windows 10 after a clean install. This problem has been a frequent nuisance to users trying to update from Windows 7 or 8.1 following the invite path they got from Microsoft.

Solution

Restoro box imageError Causes

There are several problems that may have caused error code 0xC004C003. The most common of them are:
  • The product key entered was invalid, and cannot be used to activate the new OS.
  • The user followed the proper installation procedure, but the Windows update servers were too busy to handle the activation at that moment.
  • The free upgrade invitation was followed but after the reinstallation, the copy of Windows 10 was still not activated.
  • The user tried to perform a full clean install of Windows 10 instead of upgrading from Windows to Windows 10

Further Information and Manual Repair

A lot of solving error code 0xC004C003 has to do with the method in which the user has tried to update the system. If one decided to try and update the program before being invited to do so by the update manager, he must wait. Unfortunately, if one chooses to do it on his own and download a clean install, he was never given a product code to authenticate the process. There are two options to address error code 0xC004C003 — either restore to the previous Windows Operating System or call Microsoft (or visit their Website) and purchase a product key. The Windows update servers are very busy. There are lots of Microsoft users around the world, and the servers are doing their best to get to each and every one of the users as fast as possible, but they can only move at a certain speed. Your best bet is to sit back and wait a while. But what if you were invited, and properly downloaded Windows 10, then decided to do a clean install? It is advised that one do not try to enter Windows 7 or 8.1 serial code as this will not work. However, unlike the problem above, these users will NOT need to purchase a product key. According to Microsoft Support Staff, the installation servers are also very jammed because of the high numbers of installations going on right now. No matter what posts you may read, the key IS genuine, and it is NOT blocked, broken, or invalid. To check if Windows has been properly activated, open the Command Window. Make sure you are logged into an administrator profile; otherwise this check will not work. Type in “slmgr.vbs/ato” and click Enter and then wait. While waiting, the command will check on the status of the activation. Windows Script Host will open and show whether or not it is activated. A lot of users have reported that the activation did not work for the first few times. However they later reported after some more attempts, no issue was found in the way the operating system updated and that the activation process went smoothly. This is most likely due to the overload on the Windows Update servers, so bear with Microsoft. Users have reported that when trying to correct error code 0xC004C003, they have followed the upgrade path and then been told by Microsoft that the key was invalid and they had to purchase a new one. If the upgrade path provided by Windows 7 and Windows 8.1 is correctly followed then there is nothing to worry about Just wait a while and try it again. If there are prolonged issues, speak with a technician by visiting the Microsoft website and contacting the help center by calling the number provided. Give them all relevant information and they will be sure to help accordingly. The best solution to fix error code 0xC004C003 is to wait. In essence, the user will be waiting to reenter the same product key. According to Microsoft, and many user posts found online, it is recommended to wait a while and then try to activate again. This seemed to be an answer to most users' problems, and seem to work just fine. If the problem persists, take it to a windows repair technician to have it sorted out. If that does not work, use a powerful automated tool to fix the problem.
Read More
EU Common Charge Rules

In 27 European countries for some time it has been considered for introducing a law that would force phones, tablets, laptops, and other mobile devices to use a single USB Type-C connector.

EU charge law

The European Parlament announced that a provisional agreement has been reached and that it was voted that a single charging solution is USB Type-C. The current agreement applies and covers the next devices: phones, tablets, Readers, earbuds, digital cameras, headphones, headsets, handheld consoles, and portable speakers. All currently existing devices can still be sold without issues but starting in the fall of 2024 all-new products must support USB Type-C charging.

The agreement will also hit Laptops but not on the same date, How is USB Type-C currently not enough for charging laptops, all new laptops that will have to use it are scheduled for fall of 2025.

Although the agreement is reached the EU Parliament and Council still have to formally approve everything.

Apple targeted the most

Apple has been targeted as the main target for rules since their iPhones are still using Apple's proprietary Lightning charging port. Apple sells a lot of iPhones in Europe and even though iPad Pro and iPad Air along with all MacBooks have moved to USB Type-C, iPhones are still struggling with the Lightning port.

Apple criticized the EU’s charger rules when they were first proposed in 2021, telling the BBC, “We remain concerned that strict regulation mandating just one type of connector stifles innovation rather than encouraging it, which in turn will harm consumers in Europe and around the world.” The European Union has said in response that it will update its rules as new technology arrives.

Why was this proposed?

The main problem in Europe that led to this proposition was electronic waste which reached 11 000 metric tons in 2018. European union is afraid that this will keep rising as chargers become larger and heavier in order to accommodate faster-charging speeds. More electronic waste means more hardware slowly decomposing in landfills that will contribute to climate change affecting everyone on the planet, not just the people living in Europe.

Read More
Why You Need Antivirus Software & How to Select the Right One

Anxiety from all these digital threats lurking everywhere? An antivirus program can help put your mind at ease.

What can a virus do to your device?

A virus is malicious software that can affect pretty much any device and does so in a variety of ways. Be it your computer, your phone or your smart lightbulb - as long as there’s access to the internet, malware can get to it.

How exactly does this kind of attack manifest itself? Well, there’s a wide variety of effects ranging from mild to severe. Among other things, they depend on which type of malware attacks your device - a virus, spyware, ransomware, adware or something else.

These are some of the things you can expect to happen:

  • Slow performance
  • System crashes
  • Theft of data and sensitive information
  • Connectivity issues
  • Constant browser redirects
  • Strange messages sent to your contacts 
  • Interference with files

It really can be the stuff of nightmares. So, if you want to sleep peacefully knowing that your devices are completely safe, you should definitely consider getting an antivirus.

P.S. don’t let its name fool you - an antivirus does indeed protect your devices against more than just viruses.

What is antivirus software exactly?

Antivirus software is designed to help you battle and ward off malware. Basically, it scans your device to detect any suspicious activity and offers tools to get rid of the culprit. 

At first, antiviruses were developed to fight against viruses only, but nowadays they cover a lot more ground. Here are some of the biggest benefits of getting yourself a powerful defender.

Advantages of antivirus software

1. It fights those pesky ads

Look, constant ads that pop up everywhere aren’t the absolute worst thing that can happen on your computer. If anything, they are annoying, like when you’re trying to sleep but that one fly in your room just won’t stop buzzing.

Now, there’s a free, well-established solution for that - installing an ad blocker. And we’re about a hundred and ten percent sure you’ve already done that on each and every browser you use.

However, “if I can’t see it, it doesn’t exist” isn’t the most ideal approach for your online safety. Ad blockers can’t block everything and they won’t protect you from potential adware. An antivirus on the other hand offers that layer of protection against malware snuck into pop-ups and spammy websites.

2. It protects you from hackers

Hackers don’t target government institutions only. They’ll target regular people too if they have something to gain.

Antivirus can protect you from hackers
Credit: Clint Patteron (Unsplash)

There are different types of hacking, such as phishing e-mails, transmission of malicious programs, credential reuse, denial of service and more. In any case, they take control of your device and hijack your data.

The good thing is that, as threats evolve, antiviruses evolve too and there are tons of quality programs on the market that can keep you secure for an affordable price.

3. It keeps your files and data safe

When malware enters your device, it can target pretty much any file and get access to any and all data.

Installing an antivirus program will make sure that every single file, new or old, is monitored at all times, warning you against threats immediately. That way, you can make sure to react before your other files become infected and data is lost or stolen.

Another great thing for data protection is that the best antivirus software normally comes with a password manager, so no one can use malware to steal your passwords.

4. It blocks all kinds of malware

As we already stated, malicious attacks can be performed in many ways and malware comes in in different shapes an sizes, such as:

  • Trojan horse
  • Spyware
  • Ransomware
  • Adware
  • Rootkit
  • RAT (remote access Trojan)
  • Keyloggers
  • Worms
  • Botnets
Illustration of a computer worm
Credit: Growtika (Unsplash)

Nowadays, antivirus software is designed to fight against all of these types. That’s why more often than not we hear the term 'antivirus' used interchangeably with 'anti-malware,' like in this article.

5. It keeps your children protected

You can’t keep your eyes on your kid every second of the day and you can’t protect them from everything. But at least you can limit their exposure to the threats they can encounter at every corner of the digital world.

An antivirus program will block harmful or suspicious websites and ads, which is great both for you and your children. To take it a step further, though, many such programs come with special parental controls and offer monitoring as well. It’s a great solution for keeping your kids safe online without sounding like the irritating, overbearing, controlling parent who “just doesn’t get it!”

How to pick one

There are definitely lots of different antivirus programs out there, both free and paid. We recommend you look for a paid option, since free ones are unfortunately a lot more susceptible to being compromised through malicious attacks.

Now, there are a few factors to consider when choosing the right software. If you use your PC for basic things then a basic antivirus will suffice. However, the more complex your use and the more sensitive the data you deal with, the stronger it needs to be.

It’s also crucial that you take into account the features it includes. As we already mentioned, some programs have additional security options. For example, depending on the package you select, Bitdefender provides:

  • Webcam and mic monitoring
  • Parental control
  • Firewall
  • VPN
  • Password management
  • Identity theft protection

Some are included in plans and some are separate products, so make sure to check out all the offers.

And don’t worry if you have multiple PCs or you’re looking for protection for your smartphone or tablet as well; Bitdefender has suitable solutions for your needs. Of course, you can also just pick their classic antivirus software if you’re not in need of advanced protection.

Another important point is how regularly the software is updated and enhanced. The more frequent the updates the better, as bugs can make the program more vulnerable. Other things we advise you consider are user-friendliness, impact on performance, reputation (user reviews especially) and, of course, price.

The bottom line

Fact is: anyone can be a malware victim. Don’t let it be you.

You can’t put a price on peace and security, so don’t be reluctant to pay for yours - especially since a lot of options out there are extremely affordable. Is $159.00 a year really too much to pay for cross-platform protection for up to 10 devices? We don’t think so.

Explore your options and protect your files and data before it’s too late.

Read More
Media Creation Tool Error 0x80042405-0xA001A
As you know, the Windows Media Creation Tool is a great utility in Windows that helps lots of users in installing Windows on their PCs. However, just like any other program in Windows, it also experiences a couple of issues every now and then. So in this post, you will be guided on how you can resolve a particular issue in the Media Creation Tool which is the error 0x80042405-0xA001A. You can encounter this error while creating a USB installation media used in installing Windows 10. When getting this kind of error in the Windows Media Creation Tool, you will see the following error message on your screen:
“We’re not sure what happened, but we’re unable to run this tool on your PC, Error code 0x80042405 – 0xA001A”
The error 0x80042405 – 0xA001A occurs while creating a bootable USB installation drive. This is a common error faced by many users and it has something to do with the USB hardware. To get this issue fixed, here are some suggestions you could check out.

Option 1 – Try to reformat the USB drive

Reformatting your USB drive might help in fixing error 0x80042405 – 0xA001A.
  • Open This PC and right-click your USB drive from there then select Format.
  • Next, select FAT32 as the drive type and uncheck the “Quick Format” option.
  • After that, try to run the Windows Media Creation Tool again and check if the error is fixed or not. But hopefully, it should work since formatting the drive as FAT32 will give the driver a proper type and would resolve any minor issues in the drive.

Option 2 – Copy the Windows Media Creation Tool to the USB drive

If the first option didn’t work, you might want to copy the latest version of the Media Creation Tool to the USB drive. After you do that, you can run it from inside the drive. This is actually a working fix and can definitely get the USB drive to run with Windows inside it so it should resolve the error 0x80042405 – 0xA001A on the Windows Media Creation Tool.

Option 3 – Run CHKDSK to check the drive for errors

When it comes to some issues concerning the hard drive or removable devices, there is a utility in Windows that might help which is called “chkdsk”. This error check utility can help with several issues in the system including the “Diskpart failed to clear disk attributes” error.
  • Tap the Win + S keys to open the Search box.
  • Then type “command prompt” in the field and from the search results that appear, right-click on Command Prompt and select “Run as administrator”.
  • After opening an elevated command prompt, copy and paste the following command and hit Enter:
CHKDSK [volume [[path] filename]] [/F] [/V] [/R] [/X] [/C] [: size]]
Note: In the command given above, “[/F]” will try to fix the system errors while “[/R]” will be the one to fix the bad sectors.
  • Now if you are prompted to run CHKDSK after your reboot your PC, just tap Y and reboot your PC.
  • If CHKDSK is not able to find any errors, tap the Win + E keys and navigate the access window. From there, right-click on the concerned drive and click on Properties.
  • After opening Properties, click on the tab Tools and then click on the “Check” button under the Error-checking section.
  • Wait until the process is completed and then restart your computer.

Option 4 – Try checking the hardware components

On the other hand, it is also possible that the issue has something to do with a hardware problem and so you need to check the hardware components on your computer to determine that.
Read More
Increase your Internet Speed in Windows 10
If you are dissatisfied with your internet speed on your computer but do not want to shell out more money for a faster package or simply there is not a faster package, lay down and enjoy this article where we will go through some common practices and tweaks which will result in increasing your internet speed. Please note that this guide will not be able to go beyond the limits of your internet provider's physical speed, this guide is made you can squeeze the maximum from your existing plan and eliminate speed drops.
      1. Modify IRPStackSize

        Press ⊞ WINDOWS + R to open the run dialog keyboard with windows and r markedIn run dialog type RegEdit and press ENTER run dialog with regeditIn registry editor find HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters Right-click on Parameters> New> DWORD 32 Name it IRPStackSize and change the value to 32 Save and reboot your computer.
      2. Add a Default TTL

        Press ⊞ WINDOWS + R to open the run dialog keyboard with windows and r markedIn run dialog type RegEdit and press ENTER run dialog with regeditIn registry editor find a key Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters Right-click on Parameters> New> DWORD 32 Name it DefaultTTL and change the value to 64 Save and Reboot
      3. Close Background Applications which are using the internet

        If some applications are running in the background that are using the internet, your speed will be much lower. CLose them to gain speed.
      4. Modify the TCP1323Opts value

        Press ⊞ WINDOWS + R to open the run dialog keyboard with windows and r markedIn run dialog type RegEdit and press ENTER run dialog with regeditIn registry editor find a key Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters There should be a DWORD Value, TCP1323Opts, if not, then create it. Right-click on Parameters> New> DWORD (32-bit) Value. Double-click on it and change its value to 1 Save and reboot
      5. Scan system for Viruses and other malware

        Viruses and malware applications can not only slow your entire system, but they can also reduce your internet speed as well. Do a complete scan of your system to be sure you do not have any malicious software on it.
Read More
Windows 10 tips and tricks for easy work
Hello everyone and welcome to our new Windows 10 tips and tricks article. Today we will be focusing on small Windows tricks that could prove very useful in everyday workflow and hopefully make your life easier by implementing them in your daily routine. I am very excited to share this with you all and I hope that you will use them from now on. That being said let us begin.

Tip 1: Minimize all open windows except one.

Daily to the daily routine can involve many opened windows on a desktop and sometimes things can get messy, if you want to minimize all windows to the taskbar except one do this: Click on one window thus selecting him, click and hold the left mouse button on that windows title bar, now shake it up and down and all other windows will escape down to taskbar leaving only one you are shaking on the desktop.

Tip 2: Open the Secret Windows menu.

Through our tutorials on various errors and fixes, we have used this method already but here it is again since it is worth mentioning. If you want to open the command prompt easy and fast, or device manager, event viewer, shut down, etc. In order to open this secret menu all you need to do is press ⊞ WINDOWS + X.

Tip 3: Create an Event without opening the calendar application.

You can easily create an event without opening a calendar application, all you have to do is left-click on the clock in the taskbar, click once on a date for the event, and under calendar in event field type event description. The event will show in the calendar application like it was entered there.

Tip 4: Taking a screenshot.

This one is my favorite and it speeds up workflow very very much. Typically you take screenshots by pressing the PrntScr button on your keyboard. Now, the problem with this approach is that the screen is placed in computer memory, in the clipboard and you will need another picture processing application in order to save it. Now if you would press ⊞ WINDOWS + PrntScr, the picture would be automatically saved in your pictures/screenshots folder. And if that is not enough, you can press ⊞ WINDOWS + S + SHIFT to start Snip & Sketch tool and select the area which you would like to screen capture, this method will also place pictures in the clipboard.

Tip 5: Open pinned applications in your taskbar with your keyboard.

We have covered this one in our Windows keyboard shortcuts tips and tricks here, but if you missed that article here is the tip again. By pressing ⊞ WINDOWS + number 1,2,3...0 you will start the application from your taskbar counted from left to right.

Tip 6: Check how much Hard drive space installed applications are taking.

Applications and temporary files grow over time and can slow the system and cause some other unpleasant experiences. Go to Settings > System > Storage, click on the Hard drive on which you have installed applications, and see how much each one is taking, you can remove it from this screen also freeing some space.

Tip 7: Remove ads from the START menu.

Windows has so-called suggestions in the START menu, no matter how Microsoft is calling them, let's face it, they are ads and in my opinion, they do not belong in my START menu. To turn them off, go to Settings > Personalization > Start. Toggle the setting called Show suggestions occasionally in Start to the off position.

Tip 8: Shut down background applications.

Some applications are running in the back and are taking system resources and can send telemetry information, if you want to turn them all off go to Settings > Privacy > Background apps. To stop all apps from running in the background, toggle Let apps run in the background to off. You can choose which apps to run in the background individually by going down the list on the same page.

Tip 9: Use Background scrolling.

Did you know that you can scroll on inactive windows? To do this, just hover over the inactive background window and roll your mouse when the content of the window should be scrolling even if it's not one you are working on. If by any chance this is not happening, go to Settings > Devices > Mouse, and toggle Scroll inactive windows when I hover over them to On.

Tip 10: Show file extensions in File Explorer.

By default extensions of files are hidden, so let's say that for example, you are in a folder with pictures, you have plenty of pictures there but you do not know are they JPG or JPEG for example, do not worry there is an easy fix to bring showing extensions back. Start File Explorer, click on view top menu item, click on options, Uncheck the box that says Hide extensions for known file types. Click Apply, and OK.

Tip 11: Use focus assist.

Set it up by going to Settings > System > Focus assist. Choose from three options: Off (get all notifications from your apps and contacts), Priority (see only selected notifications from a priority list that you customize, and send the rest to your action center), and Alarms only (hide all notifications, except for alarms). You can also choose to automatically turn this feature on during certain hours, or when you're playing a game.

Tip 12: Rotate your screen.

If you have multiple screens set up or you have the rotatable screen press and hold CTRL + ALT together, then use a directional arrow to flip the screen. The right and left arrows turn the screen 90 degrees, while the down arrow will flip it upside down. Use the up arrow to bring the screen back to its normal position.

Tip 13: Enable GOD mode.

Have you always felt limited with Windows settings? Don't be, Right-click on the desktop and select New > Folder. Re-name the new folder with this bit of code: GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} To enter the "God Mode" window, double-click the folder.

Tip 14: Use Virtual Desktops.

Click on Task View (the icon next to the search box). This will separate all your open windows and apps into icons. You can then drag any of them over to where it says "New desktop," which creates a new virtual desktop. Once you click out of Task View, you can toggle between virtual desktops by pressing the ⊞ WINDOWS + CTRL + right/left arrows. To remove the virtual desktops, just go back into task view and delete the individual virtual desktops, this will not close out the apps contained within that desktop, but rather just send them to the next lower desktop.

Tip 15: Customize the command prompt.

Yes, you can customize the command prompt, in order to do so, open it and right-click on its title bar, choose properties and go wild. Special badge if you make it look like commodore 64 BASIC.

Tip 16: Dictate, not type.

If you have speech recognition ON, pressing ⊞ WINDOWS + H will bring up a voice recorder, just speak and see how you can easily "write" emails, etc.

Tip 17: Use sandbox.

In Windows you have a sandbox option, which will open another Windows instance inside Windows, what do you need this? Well once the sandbox is closed everything in it is closed and if you catch the virus or other dangerous software, closing the sandbox will destroy it not affecting your actual Windows. Use it for safety testing and enjoy an easy life. Enable Windows Sandbox inside the Control Panel.

Tip 18: Use a hidden game bar.

Press the ⊞ WINDOWS + G, you can pull up the new-and-improved Game Bar. This lets you switch your Windows PC into gaming mode, which pools system resources to the game, turns off notifications, and lets you record and broadcast your gaming, along with added panels for controlling your audio, monitoring FPS, and tracking achievements. And that's it, Our 18 tips and trick to make your Windows 10 life easier, more productive, and overall more enjoyable. I certainly hope you have enjoyed reading this article same as I was writing it. Until next time if I do not see you, good afternoon, good evening, and good night.
Read More
The PrintNightmare vulnerability finally fixed
PrintNightmare vulnerability has been a struggling issue for Microsoft in the past weeks, each time it seems to be addressed and fixed something new popped up and it still had issues. Microsoft finally addressed the issue but with a price. The default behavior of Point and Print is changed. From this fix onward, the Point and Print driver installation and update behavior will require administrator privileges, which should prevent the exploit to the Windows Print Spooler that could be used by malicious individuals to gain administrative privileges in Windows. The drawback of this fix from Microsoft is that non-elevated users may have difficulty adding or updating printers. Microsoft feels that the security risks caused by PrintNightmare are worth the tradeoff, though. If you really want to let non-elevated users add printers, you can follow the instructions in this Microsoft Support article to disable this mitigation with a registry key. However, doing so will expose you to this known vulnerability and isn’t recommend.
Read More
Win Firewall and third party Firewall are off
As you know, the Windows 10 operating system, as well as other Windows versions, comes with the Windows Firewall. In Windows 10, the firewall allows users to install and run a third-party firewall. This kind of firewall works independently to block any suspicious activity on your computer. However, recently, some users reported that they are getting a notification on the Startup saying,
“Windows Firewall and <Third party firewall name> Firewall are both turned off; tap or click to see available options”.
This particular error could be caused by a lot of factors but when you manually check the firewall, you’ll find that there really is nothing wrong with both the Windows Firewall and the third party firewall. So if both the Windows Firewall and third-party firewalls like McAfee, Comodo, and many others are both turned off in Windows 10, then you need to do several things to resolve the problem – you need to check the supporting services that are required and uninstall and then reinstall the third party firewall on your computer. For more instructions, refer to the options provided below.

Option 1 – Try enabling all the supporting services for the firewall

The first thing you can do to resolve the error with the firewall is to check all of its supporting services by following these steps:
  • Tap the Win + R keys to open the Run utility and type “services.msc” in the field and then hit Enter to open the Windows Services Manager.
  • Next, look for the Windows Defender Firewall service among the given list of services.
  • Once you found it, make sure that its Startup Type is set to Automatic and that the status of the service is Running. So if it’s not running, just click on the Start button.
  • In addition, you also have to make sure that the following services’ status is set as follows:
    • Xbox Live Networking Service: Manual
    • Base Filtering Engine: Automatic
  • Once done, start the firewall again and check if the error is now fixed or not.

Option 2 – Try to uninstall and reinstall the third-party firewall

It is possible that the firewall error might be due to an error with the compatibility of the installation in Windows 10 and the third-party firewall. Thus, the next thing you can do is to uninstall the third-party firewall and then reinstall it again. Once you have uninstalled the third-party firewall, you can download its latest version from its official website and install it again. This should fix the error with the firewall.
Read More
How to Obliterate PyLocky Ransomware

What is PyLocky ransomware? And how does it execute its attack?

PyLocky ransomware is a file-locking malware created in order to lock important files and demand ransom from victims in exchange for data recovery. This new ransomware uses the .lockymap extension in marking the files it encrypts. It starts to execute its attack by dropping the following malicious payload in the system:
Name: facture_4739149_08.26.2018.exe SHA256:8655f8599b0892d55efc13fea404b520858d01812251b1d25dcf0afb4684dce9 Size: 5.3 MB
After dropping its malicious payload, this crypto-malware connects the infected computer to a remote server where it downloads more malicious files and places them on system folders. It then applies a data gathering module used to gather data about the user and the computer. The malicious files that were downloaded earlier along with the data obtained are used for another module called stealth protection. This allows PyLocky ransomware to execute its attack without detection from any security or antivirus programs installed in the system. It also modifies some registry keys and entries in the Windows Registry such as:
  • HKEY_CURRENT_USERControl PanelDesktop
  • HKEY_USERS.DEFAULTControl PanelDesktop
  • HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun
  • HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce
Once all the modifications are carried out, PyLocky ransomware will begin encrypting its targeted files using a sophisticated encryption cipher. Following the encryption, it adds the .lockymap extension to each one of the encrypted files and releases a ransom note named “LOCKY-README.txt” which contains the following content:
“Please be advised: All your files, pictures document and data has been encrypted with Military Grade Encryption RSA ABS-256. Your information is not lost. But Encrypted. In order for you to restore your files, you have to purchase a Decrypter. Follow these steps to restore your files. 1* Download the Tor Browser. ( Just type in google “Download Tor“ 2‘ Browse to URL: http://4wcgqlckaazungm.onion/index.php 3* Purchase the Decryptor to restore your files. It is very simple. If you don’t believe that we can restore your files, then you can restore 1 file of image format for free. Be aware the time is ticking. Price will be doubled every 96 hours so use it wisely. Your unique ID : CAUTION: Please do not try to modify or delete any encrypted file as it will be hard to restore it. SUPPORT: You can contact support to help decrypt your files for you. Click on support at http://4wcgqlckaazungm.onion/index.php”

How does PyLocky ransomware spread over the web?

PyLocky ransomware spreads using malicious spam email campaigns. Creators of this threat embed an infected attachment to spam emails and send them using a spambot. Crooks may even use deceptive tactics to trick you into opening the malware-laden immediately which is something you must not do. Thus, before opening any emails, make sure that you’ve thoroughly checked them. To successfully obliterate PyLocky ransomware from your computer, refer to the removal guide laid out below.
  • Step 1: Launch the Task Manager by simply tapping Ctrl + Shift + Esc keys on your keyboard.
  • Step 2: Under the Task Manager, go to the Processes tab and look for the process named facture_4739149_08.26.2018.exe and any suspicious-looking process which takes up most of your CPU’s resources and is most likely related to PyLocky ransomware.
  • Step 3: After that, close the Task Manager.
  • Step 4: Tap Win + R, type in appwiz.cpl and click OK or tap Enter to open Control Panel’s list of installed programs.
  • Step 5: Under the list of installed programs, look for PyLocky ransomware or anything similar, and then uninstall it.
  • Step 6: Next, close the Control Panel and tap Win + E keys to launch File Explorer.
  • Step 7: Navigate to the following locations below and look for PyLocky ransomware’s malicious components such as facture_4739149_08.26.2018.exe and LOCKY-README.txt as well as other suspicious files, then delete all of them.
%TEMP% %WINDIR%System32Tasks %APPDATA%MicrosoftWindowsTemplates %USERPROFILE%Downloads %USERPROFILE%Desktop
  • Step 8: Close the File Explorer.
  • Step 9: Tap Win + R to open Run and then type in Regedit in the field and tap enter to pull up Windows Registry.
  • Step 10: Navigate to the following path:
HKEY_CURRENT_USERControl PanelDesktop HKEY_USERS.DEFAULTControl PanelDesktop HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce
  • Step 11: Delete the registry keys and sub-keys created by PyLocky ransomware.
  • Step 12: Close the Registry Editor and empty the Recycle Bin.
Try to recover your encrypted files using the Shadow Volume copies Restoring your encrypted files using Windows Previous Versions feature will only be effective if PyLocky ransomware hasn’t deleted the shadow copies of your files. But still, this is one of the best and free methods there is, so it’s definitely worth a shot. To restore the encrypted file, right-click on it and select Properties, a new window will pop up, then proceed to Previous Versions. It will load the file’s previous version before it was modified. After it loads, select any of the previous versions displayed on the list like the one in the illustration below. And then click the Restore button.
Read More
How to remove BIOS password
BIOS is software that is running in a chip located on your motherboard, you can enter BIOS usually by hitting DEL once the computer is turned ON but this sometimes varies and it depends solely on the motherboard manufacturer. Inside BIOS you can configure your computer components and set up some other important things including passwords for BIOS itself or for the entire system. Password itself is meant to protect access to BIOS from other non-technical users or to prevent access to the system from other people if for example computer is in one household and you would like to be the only one having access to it. However, passwords can be forgotten, and sometimes you can even purchase a second-hand computer with a password on it. In this guide, we will lead you through ways on how to remove your BIOS password so you can regain access to your BIOS settings.
  1. Use Manufacturers master password

    Most motherboard manufacturers have built-in a couple of master passwords for BIOS access. If your motherboard has one you can easily find it on the manufacturer's website. Use the master password and remove other passwords inside BIOS, save and exit.
  2. Remove CMOS battery

    If you could not find the manufacturer's master password or your motherboard model does not have one remove the CMOS battery to reset BIOS. Note that this method will reset the whole BIOS not only the password. Open on side of your computer casing and locate the round battery on it, do not worry, there is only one battery so you can not make mistake. Remove the battery and leave it outside for around 20 to 30 minutes then place it back as it was, CMOS is reset now and you can access BIOS.
  3. Reset BIOS via jumper

    If you want to remove only the password and do not touch other BIOS setting you can locate the BIOS password reset jumper. How the location of this jumper and position is different from the motherboard to motherboard we can not cover them all here and it is advisable to read the manual or find information on the official manufacturer's website.
If you would like to read more helpful articles and tips about various software and hardware visit errortools.com daily.
Read More
1 2 3 171
Logo
Copyright © 2023, ErrorTools. All Rights Reserved
Trademark: Microsoft Windows logos are registered trademarks of Microsoft. Disclaimer: ErrorTools.com is not affiliated with Microsoft, nor claims direct affiliation.
The information on this page is provided for information purposes only.
DMCA.com Protection Status