To help ensure that the Save As dialog pops up on top of the application where you can see it:

HKCU\Control Panel\Desktop

Change ForegroundLockTimeout from decimal 200000 to 0

If you have been given a “validation code” for your Quickbooks, you can easily get to the registration window where it asks you for this code without having to go through the registration shenanigans. Open QuickBooks, select Help and then About QuickBooks. When the product splash screen shows, press Ctrl-R-P (hold the Ctrl key down then press R and P in succession). This opens the window that lets you enter your validation code.

Use powershell to set the spam/junk filter operation for all users:

1. $UserCredential = Get-Credential
2. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
3. Import-PSSession $Session
4. Get-Mailbox
5. Get-Mailbox | Set-MailboxJunkEmailConfiguration –Enabled $False

This disables the filter for all. Change $False to $True in #5 to enable the filter for all.

We have some installations that use Access 2003 due to necessity.  We noticed that, after a Windows update, these Access programs ceased to work because the Object Library references get changed.  So, when the Switchboard tries to open, it gives this error:

The expression On Open you entered as the event property setting produced the following error: Object or class does not support the set of events.

To fix this, find the file MSACC.OLB that has a relatively recent timestamp.  It is usually in C:\Program Files\Microsoft Office\Office\Office12\MSACC.OLB but it may be in a different subfolder depending on your installed office versions.  Rename this file to MSACC.OLB.OLD, then open Access 2003 and it should re-configure itself and all is well.  In one case, we had to do a “repair” on Access to get it to work properly.

After this is done, you can rename the MSACC.OLB.OLD file from above back to MSACC.OLB so that later versions of Access you have will work properly.

To set up a Guest/Visitor account with limited rights on a Windows 10 computer, open an elevated command window and use these commands:

1. net user Visitor /add /active:yes
2. net user Visitor *
   You are prompted to enter and confirm a password but you can leave both blank since it’s a very limited account.
3. net localgroup users Visitor /delete
4. net localgroup guests Visitor /add

You will now see an account called Visitor you can choose on the sign-on screen.

There are still plenty of these machines around so, if you find no network connection after a reboot, check that the IPSEC port is excluded from use to avoid a glare condition like this:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts

Add an entry in the format xxxx-yyyy for the port range. For a single port like this, both sides are the same.  So, for IPSEC which uses port 4500, add

4500-4500

For reference, these are other ports that can be added if necessary:

1433-1434 [MSSQL](more if you have other SQL instances on the system)
1745-1745 [ISA Server 2000 or ISA Server 2004]
1080-1080 [SOCKS]
1718-1720 [H.323 Gatekeeper (ISA 2000 only)]
3343-3343 (already in many systems)
1645-1646 [IAS](Radius)
1701-1701 [L2TP]
1812-1813 [IAS](Radius)
2883-2883 [AUTD]
4500-4500 [IPSEC]
1801-1801 [MSMQ](already in some systems)
4070-4071 (BES)
3500-3619 [ISA Server 2000 only]

The “code blue” NSA hack that exploits a bug in Windows SMB was used to spread WannaCry ransomware via fake emails with malicious attachments and clickable links.  Microsoft released a patch for this in March, 2017 through Windows Update for Windows 7 and later.  Patches for earlier versions of Windows are available here:

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

There are patches here for:

Windows Server 2003 SP2 x64
Windows Server 2003 SP2 x86
Windows XP SP2 x64
Windows XP SP3 x86
Windows XP Embedded SP3 x86
Windows 8 x86
Windows 8 x64

When adopting a Windows 7 machine as a file server, it may run out of resources with these entries in the Event Log:

Event Id 2017 The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Client computers will get messages about read-only or resource not available.

The following changes will resolve this:

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\LargeSystemCache = 1

HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\Size = 3

Then reboot the machine.

One of the ways a computer can be infected with ransomware is hacking into an RDP-enabled workstation using brute force/password guessing. However, it can be difficult identifying which workstation is the target and you find various user accounts being locked due to excessive wrong passwords.

On the AD machine, open a command prompt and enter:

Nltest /DBFlag:2080FFFF

Now, all logon attempts will be logged in %windir%\debug\netlogon.log as [LOGON]
Successful logons show return code 0, hacking has non-zero return codes.

To turn off logging, open a command prompt and enter:

Nltest /DBFlag:0×0

New Windows 10 computers with high-DPI screens will exhibit a Remote Desktop screen with tiny icons which are sometimes too small to see.  This can be resolved by using “manifest” files.  Here’s how:

1. Navigate to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide

2. Right click on the SideBySide folder and then click on New, DWORD (32Bit)

3. Create a new key called PreferExternalManifest and set its value to 1.

4. Close Registry Editor

5. Download and un-zip this pre-configured manifest file and place the mstsc.exe.manifest file in the same folder as the MSTSC.EXE file (C:\Windows\System32)

Scaling should be readable now.