IT Services | IT Consulting | Computer Repair | Computer Services | Computer Network | Business computer

IT Services | IT Consulting | Computer Repair | Computer Services | Computer Network | Business computer

Expandmenu Shrunk

  • Category Archives ToolBox posts
  • How to disable all WordPress plugins directly from the database?

    https://www.siteground.com/kb/how_to_disable_all_wordpress_plugins_directly_from_database/

    You can easily disable all WordPress plugins directly from your database. This is useful when you have problems with your WordPress installation, such as not being able to log in to the admin Dashboard, or having blank pages on the website.

    If you don’t know which is the database used by your WordPress website, you can check the DB_NAME variable in the WordPress configuration file – wp-config.php. This file is usually located in the document root directory of your application and can be opened via the File Manager in cPanel.

    To disable all plugins, go to phpMyAdmin in cPanel and select your WordPress database from the menu on the left.

    Browse the table wp_options and find the option active_plugins. Click the pencil icon to edit the table. Its content will vary, depending on what plugins you have enabled. For example, if you have the Akismet and Hello Dolly plugins enabled, the code there will be:

    1
    a:2:{i:0;s:19:”akismet/akismet.php”;i:1;s:9:”hello.php”;}
    To disable all plugins, simply delete the code and click the Go button to save the change.

    Please note that this table may have a different prefix instead of wp_. You will see the correct prefix of the database once you access the phpMyAdmin tool and select the the WordPress database.

    Disabling the plugins in this way will not delete them from your WordPress application. They will simply be deactivated. You can easily activate them from your WordPress admin area at any time.


  • Disable WordPress plugins in phpMyAdmin

    https://help.one.com/hc/en-us/articles/115005593985-Disable-WordPress-plugins-in-phpMyAdmin


  • Reset Windows Update Agent to default in Windows 10

    Reset Windows Update Agent DOWNLOAD

    https://gallery.technet.microsoft.com/scriptcenter/reset-windows-update-agent-d824badc

     

    Reset Windows Update Agent to default in Windows 10

    If you are facing problems while downloading or installing Windows Updates on Windows 10/8/7, you definitely want to run the Reset Windows Update Agent Tool from Microsoft. This Reset Windows Update Agent will reset & repair all WU related components & registry keys, detect corruptions, replace corrupted system files, fix corrupted system image, reset Winsock settings and so on.

    Reset Windows Update Agent Tool

    Once you have downloaded the tool from Microsoft, right-click on it and select Run as Administrator. You will see the following prompt.

    Reset Windows Update 1

    To continue with the process, type ‘Y’ and press Enter to get the following screen.

    Reset Windows Update Components Tool

    This tool will let you do the following:

    1. Scan all protected system file and replace the corrupted one’s (sfc /scannow)
    2. Scan, detect and repair corruptions in Windows system image
    3. Clean up superseded components
    4. Reset Windows Update components
    5. Change invalid values in Windows Registry
    6. Delete temporary files

    The tool also allows you to carry out the following operations:

    1. Open Internet Explorer settings
    2. Search for Windows Updates
    3. Explorer for local or online solutions
    4. Restart your PC.

    Type the number mentioned against the operation you want to carry out and hit Enter.

    I decided to type 4 to reset the Windows Updates components. Once you do that, you will see several messages – a few of which I have displayed below in the image – where you will see Services being stopped, Services being started, cleanup work being executed, etc.

    Reset Windows Update 2

    Once the operation is completed you can press any key to continue. Doing so will take you back to the main screen where you can carry out other operations if you wish.

    Once done, you should restart your Windows computer.

    This tool works on Windows XP, Windows Vista, Windows 7, Windows 8, Windows 8.1 as well as Windows 10 and can be downloaded from TechNet.

    Windows Update Troubleshooter is another tool that can help you fix Windows Update problems. There are also several other links at the end of that post that can help you troubleshoot Windows Update problems.

    This PowerShell Script will help you Reset Windows Update Client. See this post if you want to manually reset each Windows Update component to default. This post will show you how to Reset Windows 10 if you ever feel the need to.


  • Everest 2.1.0 cannot login

    Usually happens when the SQL maintenance is not running correctly. The transaction LDF file grows to the set limit.

    Goto SQL Manager and backup the database, run optimizations, integrity and full backup.

    Right click database properties and check the transaction max file size.

    Right click the database and select task: shrink database. From there you can select files and select “shrink file to” …MB


  • WannaCry Ransomware – Microsoft Security Bulletin MS17-010 – Critical

    https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

     

    Security Update for Microsoft Windows SMB Server (4013389)

    Published: March 14, 2017

    Version: 1.0

    This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

    This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software and Vulnerability Severity Ratings section.

    The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests.

    For more information about the vulnerabilities, see the Vulnerability Information section.

    For more information about this update, see Microsoft Knowledge Base Article 4013389.

    The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.

    The severity ratings indicated for each affected software assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin’s release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the March bulletin summary.

    Note Please see the Security Update Guide for a new approach to consuming the security update information. You can customize your views and create affected software spreadsheets, as well as download data via a restful API. For more information, please see the Security Updates Guide FAQ. As a reminder, the Security Updates Guide will be replacing security bulletins. Please see our blog post, Furthering our commitment to security updates, for more details.

    Operating System Windows SMB Remote Code Execution Vulnerability – CVE-2017-0143 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0144 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0145 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0146 Windows SMB Information Disclosure Vulnerability – CVE-2017-0147 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0148 Updates Replaced
    Windows Vista
    Windows Vista Service Pack 2
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows Vista x64 Edition Service Pack 2
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows Server 2008
    Windows Server 2008 for 32-bit Systems Service Pack 2
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows Server 2008 for x64-based Systems Service Pack 2
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows Server 2008 for Itanium-based Systems Service Pack 2
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows 7
    Windows 7 for 32-bit Systems Service Pack 1
    (4012212)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows 7 for 32-bit Systems Service Pack 1
    (4012215)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3212646
    Windows 7 for x64-based Systems Service Pack 1
    (4012212)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows 7 for x64-based Systems Service Pack 1
    (4012215)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3212646
    Windows Server 2008 R2
    Windows Server 2008 R2 for x64-based Systems Service Pack 1
    (4012212)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2008 R2 for x64-based Systems Service Pack 1
    (4012215)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3212646
    Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
    (4012212)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
    (4012215)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3212646
    Windows 8.1
    Windows 8.1 for 32-bit Systems
    (4012213)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows 8.1 for 32-bit Systems
    (4012216)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205401
    Windows 8.1 for x64-based Systems
    (4012213)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows 8.1 for x64-based Systems
    (4012216)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205401
    Windows Server 2012 and Windows Server 2012 R2
    Windows Server 2012
    (4012214)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2012
    (4012217)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205409
    Windows Server 2012 R2
    (4012213)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2012 R2
    (4012216)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205401
    Windows RT 8.1
    Windows RT 8.1[2]
    (4012216)
    Monthly Rollup
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205401
    Windows 10
    Windows 10 for 32-bit Systems[3]
    (4012606)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3210720
    Windows 10 for x64-based Systems[3]
    (4012606)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3210720
    Windows 10 Version 1511 for 32-bit Systems[3]
    (4013198)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3210721
    Windows 10 Version 1511 for x64-based Systems[3]
    (4013198)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3210721
    Windows 10 Version 1607 for 32-bit Systems[3]
    (4013429)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3213986
    Windows 10 Version 1607 for x64-based Systems[3]
    (4013429)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3213986
    Windows Server 2016
    Windows Server 2016 for x64-based Systems[3]
    (4013429)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3213986
    Server Core installation option
    Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
    (4012598)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3177186 in MS16-114
    Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
    (4012212)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
    (4012215)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3212646
    Windows Server 2012 (Server Core installation)
    (4012214)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2012 (Server Core installation)
    (4012217)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205409
    Windows Server 2012 R2 (Server Core installation)
    (4012213)
    Security Only[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    None
    Windows Server 2012 R2 (Server Core installation)
    (4012216)
    Monthly Rollup[1]
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3205401
    Windows Server 2016 for x64-based Systems[3](Server Core installation)
    (4013429)
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Critical
    Remote Code Execution
    Important
    Information Disclosure
    Critical
    Remote Code Execution
    3213986

    [1]Beginning with the October 2016 release, Microsoft has changed the update servicing model for Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. For more information, please see this Microsoft TechNet article.

    [2]This update is only available via Windows Update.

    [3] Windows 10 and Windows Server 2016 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. Please note that effective December 13, 2016, Windows 10 and Windows Server 2016 details for the Cumulative Updates will be documented in Release Notes. Please refer to the Release Notes for OS Build numbers, Known Issues, and affected file list information.

    *The Updates Replaced column shows only the latest update in any chain of superseded updates. For a comprehensive list of updates replaced, go to the Microsoft Update Catalog, search for the update KB number, and then view update details (updates replaced information is provided on the Package Details tab).

    Multiple Windows SMB Remote Code Execution Vulnerabilities

    Remote code execution vulnerabilities exist in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerabilities could gain the ability to execute code on the target server.

    To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv1 server.

    The security update addresses the vulnerabilities by correcting how SMBv1 handles these specially crafted requests.

    The following table contains links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list:

    Vulnerability title CVE number Publicly disclosed Exploited
    Windows SMB Remote Code Execution Vulnerability CVE-2017-0143 No No
    Windows SMB Remote Code Execution Vulnerability CVE-2017-0144 No No
    Windows SMB Remote Code Execution Vulnerability CVE-2017-0145 No No
    Windows SMB Remote Code Execution Vulnerability CVE-2017-0146 No No
    Windows SMB Remote Code Execution Vulnerability CVE-2017-0148 No No

    Mitigating Factors

    Microsoft has not identified any mitigating factors for these vulnerabilities.

    Workarounds

    The following workarounds may be helpful in your situation:

    • Disable SMBv1For customers running Windows Vista and later

      See Microsoft Knowledge Base Article 2696547.

      Alternative method for customers running Windows 8.1 or Windows Server 2012 R2 and later

      For client operating systems:

      1. Open Control Panel, click Programs, and then click Turn Windows features on or off.
      2. In the Windows Features window, clear the SMB1.0/CIFS File Sharing Support checkbox, and then click OK to close the window.
      3. Restart the system.

      For server operating systems:

      1. Open Server Manager and then click the Manage menu and select Remove Roles and Features.
      2. In the Features window, clear the SMB1.0/CIFS File Sharing Support check box, and then click OK to close the window.
      3. Restart the system.

      Impact of workaround. The SMBv1 protocol will be disabled on the target system.

      How to undo the workaround. Retrace the workaround steps, and select the SMB1.0/CIFS File Sharing Support check box to restore the SMB1.0/CIFS File Sharing Support feature to an active state.

     

    Windows SMB Information Disclosure Vulnerability – CVE-2017-0147

    An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server.

    To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv1 server.

    The security update addresses the vulnerability by correcting how SMBv1 handles these specially crafted requests.

    The following table contains links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list:

    Vulnerability title CVE number Publicly disclosed Exploited
    Windows SMB Information Disclosure Vulnerability CVE-2017-0147 No No

    Mitigating Factors

    Microsoft has not identified any mitigating factors for this vulnerability.

    Workarounds

    The following workarounds may be helpful in your situation:

    • Disable SMBv1For customers running Windows Vista and later

      See Microsoft Knowledge Base Article 2696547.

      Alternative method for customers running Windows 8.1 or Windows Server 2012 R2 and later

      For client operating systems:

      1. Open Control Panel, click Programs, and then click Turn Windows features on or off.
      2. In the Windows Features window, clear the SMB1.0/CIFS File Sharing Support checkbox, and then click OK to close the window.
      3. Restart the system.

      For server operating systems:

      1. Open Server Manager and then click the Manage menu and select Remove Roles and Features.
      2. In the Features window, clear the SMB1.0/CIFS File Sharing Support check box, and then click OK to close the window.
      3. Restart the system.

      Impact of workaround. The SMBv1 protocol will be disabled on the target system.

      How to undo the workaround. Retrace the workaround steps, and select the SMB1.0/CIFS File Sharing Support check box to restore the SMB1.0/CIFS File Sharing Support feature to an active state.

     

    For Security Update Deployment information, see the Microsoft Knowledge Base article referenced here in the Executive Summary.

    Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See Acknowledgments for more information.

    The information provided in the Microsoft Knowledge Base is provided “as is” without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

    • V1.0 (March 14, 2017): Bulletin published.

  • Recover deleted messages from .pst files

    www.slipstick.com/outlook/config/recover-deleted-messages-pst-files/

    Recover the Deleted Items

    If you don’t know what a Hex editor is, you probably shouldn’t be hex editing anything, but if you want to try, Google for “hex editor” – UltraEdit is probably the best and easiest one to use. Before doing anything to the PST with a Hex Editor, make a copy of the PST, or you may end up losing all of your e-mail.

      1. Open the PST in the Hex editor.
      2. Delete positions 7 through 13 with the spacebar. Since you’re using hexadecimal numbering, this actually clears 13 characters in the following positions:
        00007, 00008, 00009, 0000a, 0000b, 0000c, 0000d
        0000e, 0000f, 00010, 00011, 00012, 00013
        As you clear the characters, the editor displays the code “20” in their position.

    hex edit the pst file

    1. Save the PST, it is now corrupted.
    2. Run the Inbox Repair Tool, SCANPST.exe, to recover the file. Use Windows Search utility to find it. For additional information on the Inbox Repair Tool, see How to use Scanpst.exe to repair Outlook data files or KB 287497
    3. The Inbox Repair Tool creates a backup and repairs the damage and recreates the PST.

    Open the new PST in Outlook. The Deleted Items folder should now contain the deleted messages, unless Outlook has already deleted them for good by compacting the PST.


  • How to fix: Svchost.exe (netsvcs) memory leak or high CPU usage problems

    https://www.wintips.org/how-to-fix-svchost-exe-netsvcs-memory-leak-or-high-cpu-usage-problems

    Svchost.exe is a generic and legitimate Windows process that loads several other critical services for proper Windows operation. But in several cases users are complaining that Svchost.exe is hogging their CPU or Memory  resources without obvious reasons e.g. at moments when the user doesn’t run any programs.

    In many occasions, I have troubleshooted the Svchost.exe (netsvcs) problem by using different solutions to resolve the problem depending on each situation.

    From my experience, the Svchost.exe high usage problems – in most cases – occur on computers that are infected by a virus or a malware program. In the rest of the cases, the Svchost.exe (netsvcs) high CPU or Memory leak problems, can be caused by a Windows Update, or by a full Event log file or by other programs or services that start many processes during their execution. In this tutorial you can find detailed instructions on how to troubleshoot and resolve memory leak or high CPU usage problems caused by svchost {Svchost.exe (netsvcs)}.

    How to solve 100 % Svchost.exe (netsvcs) High Memory or CPU usage problems.

    Solution 1. Scan your computer for viruses.

    Many viruses or malicious programs can cause the svchost.exe high CPU/memory usage problem. So, before you continue to troubleshoot the Svchost.exe high CPU usage problem, use this Malware Scan and Removal Guide to check and remove viruses or/and malicious programs that may be running on your computer.

    Solution 2. Find and Disable the service that causes the “svchost” high CPU usage problem.

    Svchost.exe is a process that is needed by several services or programs in order for them to run. So, determine which service or program runs under the svchost.exe process and is hogging your system’s CPU and memory resources and then proceed to disable or totally uninstall that program (or service).

    1. Press Ctlr+Alt+Del keys simultaneously and then open Task Manager.

    2. At Processes tab, check the Show processes from all users checkbox.

    3. Right-click on the high usage svchost.exe process and select Go to Service(s).

    4. At services tab you should see several highlighted services that run under the svchost.exe process.

    5. Now it ‘s time to find out which process is hogging CPU resources: To do that, you have two ways.

    A) You can perform a sequentially search using Google (for all highlighted services) and see if the searched service is critical – or not – for your computer.

    Or –

    B) You can try to sequentially stop services (one by one) until CPU resources come back to normal. To stop a service temporary:

    • Choose a service
    • Right-click on it, and choose Stop Service.

    6. After you have figured out the culprit service or program, then navigate to Services in Computer Management to disable that service (or totally remove the culprit program).

    To disable a service on your computer permanently:
    1. Simultaneously press Windows key + R  to open run command box.
    2. In run command box, type: services.msc and press Enter.

    3. At Services management window, right-click at the culprit service and choose Properties.

    * Note:  Most of the time, the culprit service is the Windows Update Service.

    4. Change the Startup type to Disabled, press OK and restart your computer.

     

    Solution 3: Empty Event viewer log.

    In some cases the svchost.exe high CPU (or high Memory) usage problem has to do with the large log files in Windows event viewer. So, another solution is to clear Event Viewer’s log. To do that:

    1. Simultaneously press Windows key + R  to open run command box.

    2. In run command box, type: eventvwr and press Enter.

    3. At Event Viewer: Double-click to expand Windows Logs.

    4. Right-click on Application and choose Clear Log.

    5. Perform the same operation and clear the Security, Setup, and System log.

    6. Restart your computer.

     

    Solution 4: Troubleshoot Windows Updates problems.

    In other computers, the svchost.exe high usage problem may occur when Windows searches for updates (in the background). In order to troubleshoot high CPU usage problems during Windows Update, perform the following steps.

     

    Step 1. Force Windows to re-create an empty Windows Update Store folder.

    The Windows Update Store folder (commonly known as “SoftwareDistributionfolder), is the location where Windows stores the downloaded updates. If this folder is corrupted, then you will face problems during Windows Update. So, first try to force Windows to re-create a new empty SoftwareDistribution folder. To do that:

    1. Simultaneously press Windows key + R  to open run command box.

    2. In run command box, type: services.msc and press Enter.

    3. Search for Windows Update service, then right click on it and select Stop.

    3. Navigate to “C:Windows” folder.

    4. Delete * (or rename e.g. to “SoftwareDistributionOLD”) the “SoftwareDistribution” folder.

    * Note: Upon restart, the next time the Windows Update checks for available updates, a new empty SoftwareDistribution folder will be created automatically by Windows to store updates.

    5. Restart your computer and then try to check for updates.

    6. If the “svchost” high CPU usage problem persists, continue to the next step.

     

    Step 2. Run Windows Update Troubleshooter

    1. Download Microsoft’s Windows Update Troubleshooter to your computer.

    2. Run Windows Update Troubleshooter and press Accept at the first screen.

    3. Select the Detect problems and apply the fixes for (Recommended) option.

    4. Let the program to fix problems with Windows Update and then restart your computer.

    5. Check for Updates again and if the svchost.exe high CPU usage problem persists continue to the next step.

     

    Step 3. Install the latest version of Windows Update Agent.

    1. Navigate to Windows Update Agent download site and download the appropriate package for your Windows edition and version.

    2. Run WindowsUpdateAgent*.exe

    3. Close all open programs and choose Next.

    4. Choose Agree and press Next.

    5. Let the installer finish the installation and then restart your computer.

    Step 4. Install the critical Microsoft Security Bulletin MS13-097.

    1. Navigate to https://technet.microsoft.com/library/security/ms13-097 and click at the appropriate Internet Explorer Cumulative Security Update (2898785) according to your Internet Explorer version and Windows Version.

    2. At the next screen choose your IE’s (menu) language and choose Download.

    3. Run “IE11_Windows*-KB289875*.exe” and follow the on screen instruction to install the update.

    4. Restart your computer and check for updates again.

     

    Step 5: Fix Windows Corrupted System files by using the System Update Readiness tool (aka “Deployment Image Servicing and Management” – DISM tool).

    1. Navigate to System Update Readiness tool download site and download the DISM tool for your Windows edition and version. *

    * Note: Windows 8 already contains the DISM tool and you don’t have to download anything. Just open an elevated command prompt and type: DISM.exe /Online /Cleanup-image /Restorehealth (Detailed instructions on how you can run DISM in Windows 8/8.1 can be found here)

    2. Double click to install the downloaded file (e.g. Windows6.1-KB947821-v34-x86.msu).

    3. When the installation is completed, restart your computer.

    4. Force Windows to check for updates again and see if the svchost high usage problem still persists.

    UPDATE – 16/10/2015 

    Other solutions that I have applied in different cases (computers) in which the “svchost.exe” high usage problem is caused while searching for updates.

    Case 1: Applied on a new Windows 7 SP1 installation.

    a. Uninstall the KB2562937 from Installed Updates.

    b. Restart the computer.

    UPDATE – 22/03/2016

    (Applied to: Windows 7 SP1 & Windows Server 2008 R2 SP1.)

    1. First make sure that you have already installed Internet Explorer 11 on your computer.
    2. Download and install the KB3102810 security update according your OS version *. (If installation hangs, restart the computer and then immediately install the Update).
    3. Restart your computer and then delete the “SoftwareDistribution” folder by following the instructions on Step 1 (only) from Solution 4 above.
    4. Restart your computer and check for updates.

    UPDATE – 29/06/2016

    (Applied to: Windows 7 SP1 & Windows Server 2008 R2 SP1.)

    1. Download and install the June 2016 Windows Update Rollup KB3161608 according your OS Version. *

    * Note: If installation hangs: Restart your computer, Stop the Windows Update service and then Install the update.

    • If after doing all these, you still face high CPU or Memory usage problems, then disable Windows Update completely or re-install Windows on you computer. If you use Windows 8 or Windows 8.1 you can perform also a system refresh.