The Generic Tech Support Youtube Channel

Welcome to The GenericTechSupport YouTube Channel.This website is dedicated to delivering valuable insights, strategies, and updates tailored to technical support professionals, business managers, and small business owners.Our focus is on providing practical, actionable information that enhances your understanding of technology and its application in today’s business landscape.Our goal is to maintain transparency while offering expert guidance for those looking to navigate the complexities of technology.Please subscribe on our Youtube Channel for weekly updates.Or feel free to reach out with any inquiries, collaboration opportunities, or if you’re in need of a reliable IT managed service provider.

Do you have an internal IT department but require the expertise of a senior engineer on a temporary basis?

One of the most significant challenges in IT is sourcing qualified engineering talent to address technical gaps as they arise.In many cases, it is unnecessary to hire a senior-level engineer for a full-time role when their expertise is only needed for advanced issues or temporary situations.Let GenericTechSupport provide the skilled support you need to fill that gap efficiently and cost-effectively.

Do you need internal IT?

Determining whether you need an internal IT department for your business depends on several factors, including the size of your business, the complexity of your technology needs, and your long-term goals. Here are a few considerations:1. Business Size and Growth: Small businesses with minimal IT infrastructure usually do not require a dedicated internal team, as outsourcing IT services can be more cost-effective.2. Technology Complexity: If your business does not rely heavily on complex systems, software, or data security, having an outsourced IT department can provide quick, tailored solutions for all businesses with simpler needs.3. Cost Efficiency: Internal IT departments come with overhead costs such as salaries, health insurance, training, and infrastructure. If your needs are more intermittent or specialized, outsourcing to GenericTechSupport may offer a more cost-effective solution without the burden of full-time staff.
Most outsourced IT will provide remote support at a fraction of the cost.
4. Support Availability: Having an outsourced IT department allows for immediate emergency support. If your business operates in multiple locations or requires 24/7 support, an external remote team might be more suitable.
Ultimately, whether you need an internal IT department depends on your business’s specific needs and resources. GenericTechSupport can help you navigate a hybrid approach—keeping internal staff for day-to-day tasks while outsourcing specialized or high-level support as needed or a full remote approach
—going 100% outsourced.
Please contact us for help!

Welcome to the GenericTechSupport Youtube Channel

In House Custom Project Specials

Latest Update: 4/1/25

Welcome To Granite XP ALPHA

PROJECT SCOPE

The Granite XP Project is nothing more than a central repository for all security settings for XP to attempt to make XP as secure or more secure than Windows 11 with NIST based Policy Assigned.

This project started as a proof of concept Video. But slowly as I realized that people actually needed the updates and the configurations to build gaming rigs, or to use as a hobby system, the idea was planted to make an XP system that could "in theory" not only match security configuration set by Microsoft on Windows 10, but to exceed the security requirements based on NIST 800-171 2024 Standards.

This Page will Document the process, what the hold-up's have been and when the Granite Package will finally be released to the public.

Set Backs

I Got A Rock: One (Main Hold-Up)

Big Impact: unfortunately it appears that Microsoft has revoked the Certificate on Windows XP that is required for XP to trust it's own updates, this as a result has caused the update application Process to fail, and throw an error that the NESSUS Scan picks up as Ransomware, even though it's not.

I Got A Rock: Two (Secondary Hold-UP)

Big Impact: Since Microsoft Killed the Certificate trust, the 2019 Domain Controller that created the Trusted Updates and the NIST Policy used a self Signed Cert, Since the Domain Is Dead, and the Servers are long Gone I need to figure out how to fix the Certificate and HASH values on the Updates so that windows XP will update them and not false report Ransomware to Windows AV Applications.

BIG WINS

Windows Updates (LIST)

Coming SOON!

The Granite XP Package Includes over 1000 Windows updates for Windows XP From All versions in One easy to install Package

BIG WINS

Enabling POS For Later Update Support

[HKEYLOCALMACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001

Setting the SecEdit DB Location For Security

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit]
"LastUsedDatabase"="C:\WINDOWS\security\database\KB968930.sdb"
"TemplateUsed"="C:\WINDOWS\SECD5.tmp"
"EnvironmentVariables"=hex(7):25,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,\
25,00,00,00,25,00,55,00,73,00,65,00,72,00,50,00,72,00,6f,00,66,00,69,00,6c,\
00,65,00,25,00,00,00,25,00,41,00,6c,00,6c,00,55,00,73,00,65,00,72,00,73,00,\
50,00,72,00,6f,00,66,00,69,00,6c,00,65,00,25,00,00,00,25,00,50,00,72,00,6f,\
00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,25,00,00,00,25,00,\
53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,00,00,25,\
00,53,00,79,00,73,00,74,00,65,00,6d,00,44,00,72,00,69,00,76,00,65,00,25,00,\
00,00,25,00,54,00,65,00,6d,00,70,00,25,00,00,00,25,00,54,00,6d,00,70,00,25,\
00,00,00
"SetupCompDebugLevel"=dword:00000001
"DefaultTemplate"="C:\WINDOWS\inf\secrecs.inf"
"LastWinLogonConfig"=dword:5344fd3d

Setting Variables for Driver Signing

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Driver Signing/Policy]
"ValueType"=dword:00000003
"DisplayType"=dword:00000003
"DisplayName"="Devices: Unsigned driver installation behavior"
"DisplayChoices"=hex(7):30,00,7c,00,53,00,69,00,6c,00,65,00,6e,00,74,00,6c,00,\
79,00,20,00,73,00,75,00,63,00,63,00,65,00,65,00,64,00,20,00,00,00,31,00,7c,\
00,57,00,61,00,72,00,6e,00,20,00,62,00,75,00,74,00,20,00,61,00,6c,00,6c,00,\
6f,00,77,00,20,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,61,00,74,00,69,\
00,6f,00,6e,00,00,00,32,00,7c,00,44,00,6f,00,20,00,6e,00,6f,00,74,00,20,00,\
61,00,6c,00,6c,00,6f,00,77,00,20,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,61,00,74,00,69,00,6f,00,6e,00,00,00,00,00

Disables Automatic Recovery

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Setup/RecoveryConsole/SecurityLevel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Recovery console: Allow automatic administrative logon"

Disable Floppy Access to Drivers

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Setup/RecoveryConsole/SetCommand]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Recovery console: Allow floppy copy and access to all drives and all folders"

Restrict CD Access to Local Users Only

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/AllocateCDRoms]
"ValueType"=dword:00000001
"DisplayType"=dword:00000000
"DisplayName"="Devices: Restrict CD-ROM access to locally logged-on user only"

Define Only Admin Access to Eject Hardware

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/AllocateDASD]
"ValueType"=dword:00000001
"DisplayType"=dword:00000003
"DisplayName"="Devices: Allowed to format and eject removable media"
"DisplayChoices"=hex(7):30,00,7c,00,41,00,64,00,6d,00,69,00,6e,00,69,00,73,00,\
74,00,72,00,61,00,74,00,6f,00,72,00,73,00,00,00,31,00,7c,00,41,00,64,00,6d,\
00,69,00,6e,00,69,00,73,00,74,00,72,00,61,00,74,00,6f,00,72,00,73,00,20,00,\
61,00,6e,00,64,00,20,00,50,00,6f,00,77,00,65,00,72,00,20,00,55,00,73,00,65,\
00,72,00,73,00,00,00,32,00,7c,00,41,00,64,00,6d,00,69,00,6e,00,69,00,73,00,\
74,00,72,00,61,00,74,00,6f,00,72,00,73,00,20,00,61,00,6e,00,64,00,20,00,49,\
00,6e,00,74,00,65,00,72,00,61,00,63,00,74,00,69,00,76,00,65,00,20,00,55,00,\
73,00,65,00,72,00,73,00,00,00,00,00

Local Admin Access Floppy Only

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/AllocateFloppies]
"ValueType"=dword:00000001
"DisplayType"=dword:00000000
"DisplayName"="Devices: Restrict floppy access to locally logged-on user only"

Cached Logons

SPECIAL NOTE: Since we don't have an active Domain Controller, Logons are not set to Cached, and not set to require a DC to work, as such this setting is an accepted Risk in workgroup Mode.

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/CachedLogonsCount]
"ValueType"=dword:00000001
"DisplayType"=dword:00000001
"DisplayName"="Interactive logon: Number of previous logons to cache (in case domain controller is not available)"
"DisplayUnit"="logons"

Cached Computer Accounts

SPECIAL NOTE: Since we don't have an active Domain Controller, Logons are not set to Cached, and not set to require a DC to work, as such this setting is an accepted Risk in workgroup Mode.

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/ForceUnlockLogon]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Require Domain Controller authentication to unlock workstation"

Prompt Users to Change Passwords 4-Days In Advance

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/PasswordExpiryWarning]
"ValueType"=dword:00000004
"DisplayType"=dword:00000001
"DisplayName"="Interactive logon: Prompt user to change password before expiration"
"DisplayUnit"="days

Disable Smart Card Access

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/ScRemoveOption]
"ValueType"=dword:00000001
"DisplayType"=dword:00000003
"DisplayName"="Interactive logon: Smart card removal behavior"
"DisplayChoices"=hex(7):30,00,7c,00,4e,00,6f,00,20,00,41,00,63,00,74,00,69,00,\
6f,00,6e,00,00,00,31,00,7c,00,4c,00,6f,00,63,00,6b,00,20,00,57,00,6f,00,72,\
00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,32,00,7c,00,46,00,\
6f,00,72,00,63,00,65,00,20,00,4c,00,6f,00,67,00,6f,00,66,00,66,00,00,00,00,\
00

Require Control+Alt+Del to Logon

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DisableCAD]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Do not require CTRL+ALT+DEL"

Disable Display Last User Logon

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLastUserName]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Do not display last user name"

Do Not Display Locked User Account Name

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Interactive logon: Display user information when the session is locked"
"DisplayChoices"=hex(7):31,00,7c,00,55,00,73,00,65,00,72,00,20,00,64,00,69,00,\
73,00,70,00,6c,00,61,00,79,00,20,00,6e,00,61,00,6d,00,65,00,2c,00,20,00,64,\
00,6f,00,6d,00,61,00,69,00,6e,00,20,00,61,00,6e,00,64,00,20,00,75,00,73,00,\
65,00,72,00,20,00,6e,00,61,00,6d,00,65,00,73,00,00,00,32,00,7c,00,55,00,73,\
00,65,00,72,00,20,00,64,00,69,00,73,00,70,00,6c,00,61,00,79,00,20,00,6e,00,\
61,00,6d,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,00,00,33,00,7c,00,44,00,6f,\
00,20,00,6e,00,6f,00,74,00,20,00,64,00,69,00,73,00,70,00,6c,00,61,00,79,00,\
20,00,75,00,73,00,65,00,72,00,20,00,69,00,6e,00,66,00,6f,00,72,00,6d,00,61,\
00,74,00,69,00,6f,00,6e,00,00,00,00,00

Display Banner for Logon

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/LegalNoticeCaption]
"ValueType"=dword:00000001
"DisplayType"=dword:00000002
"DisplayName"="Interactive logon: Message title for users attempting to log on"

Use Message Text for Logging on Users

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/LegalNoticeText]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Interactive logon: Message text for users attempting to log on"

Disable CAC Card Requirement

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/ScForceOption]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Require smart card"

Disable Shutdown without Logon

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/ShutdownWithoutLogon]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Shutdown: Allow system to be shut down without having to log on"

Disable Undock without logon

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/UndockWithoutLogon]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Devices: Allow undock without having to log on"

Define Access to DCOM Users and Admins

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/SOFTWARE/policies/Microsoft/windows NT/DCOM/MachineAccessRestriction]
"ValueType"=dword:00000001
"DisplayType"=dword:00000002
"DisplayName"="DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax"

System Audit Event Configuration

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/AuditBaseObjects]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Audit: Audit the access of global system objects"

Shutdown System Immediately if Audit is disabled

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/CrashOnAuditFail]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Audit: Shut down system immediately if unable to log security audits"

Disable Domain Stored Credentials

SPECIAL NOTE: Since we don't have an active Domain Controller, Logons are set to disabled in Domain Passport Options, This would be enabled and Encrypted in a DC controlled system on Windows 10/11

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/DisableDomainCreds]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network access: Do not allow storage of credentials or .NET Passports for network authentication"

Disable Allow Everyone Access to Shares

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/EveryoneIncludesAnonymous]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network access: Let Everyone permissions apply to anonymous users"

Force FIPS 140-3 Encryption

SPECIAL NOTE: This was never an option in XP, and requries the Updates in the Configuration to work correctly. Failure to run updates will fail to secure this configuration.

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/FIPSAlgorithmPolicy]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing"

Disable Windows Guest Access

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/ForceGuest]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Network access: Sharing and security model for local accounts"
"DisplayChoices"=hex(7):30,00,7c,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,\
20,00,2d,00,20,00,6c,00,6f,00,63,00,61,00,6c,00,20,00,75,00,73,00,65,00,72,\
00,73,00,20,00,61,00,75,00,74,00,68,00,65,00,6e,00,74,00,69,00,63,00,61,00,\
74,00,65,00,20,00,61,00,73,00,20,00,74,00,68,00,65,00,6d,00,73,00,65,00,6c,\
00,76,00,65,00,73,00,00,00,31,00,7c,00,47,00,75,00,65,00,73,00,74,00,20,00,\
6f,00,6e,00,6c,00,79,00,20,00,2d,00,20,00,6c,00,6f,00,63,00,61,00,6c,00,20,\
00,75,00,73,00,65,00,72,00,73,00,20,00,61,00,75,00,74,00,68,00,65,00,6e,00,\
74,00,69,00,63,00,61,00,74,00,65,00,20,00,61,00,73,00,20,00,47,00,75,00,65,\
00,73,00,74,00,00,00,00,00

Audit All Access to Shadow Copy Services

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/FullPrivilegeAuditing]
"ValueType"=dword:00000003
"DisplayType"=dword:00000000
"DisplayName"="Audit: Audit the use of Backup and Restore privilege"

Disable Blank Password Access

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/LimitBlankPasswordUse]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Accounts: Limit local account use of blank passwords to console logon only"

Set LANMAN Encryption Level to Windows 10

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/LmCompatibilityLevel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Network security: LAN Manager authentication level"
"DisplayChoices"=hex(7):30,00,7c,00,53,00,65,00,6e,00,64,00,20,00,4c,00,4d,00,\
20,00,26,00,20,00,4e,00,54,00,4c,00,4d,00,20,00,72,00,65,00,73,00,70,00,6f,\
00,6e,00,73,00,65,00,73,00,00,00,31,00,7c,00,53,00,65,00,6e,00,64,00,20,00,\
4c,00,4d,00,20,00,26,00,20,00,4e,00,54,00,4c,00,4d,00,20,00,2d,00,20,00,75,\
00,73,00,65,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,00,20,00,73,00,65,00,\
73,00,73,00,69,00,6f,00,6e,00,20,00,73,00,65,00,63,00,75,00,72,00,69,00,74,\
00,79,00,20,00,69,00,66,00,20,00,6e,00,65,00,67,00,6f,00,74,00,69,00,61,00,\
74,00,65,00,64,00,00,00,32,00,7c,00,53,00,65,00,6e,00,64,00,20,00,4e,00,54,\
00,4c,00,4d,00,20,00,72,00,65,00,73,00,70,00,6f,00,6e,00,73,00,65,00,20,00,\
6f,00,6e,00,6c,00,79,00,00,00,33,00,7c,00,53,00,65,00,6e,00,64,00,20,00,4e,\
00,54,00,4c,00,4d,00,76,00,32,00,20,00,72,00,65,00,73,00,70,00,6f,00,6e,00,\
73,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,00,00,34,00,7c,00,53,00,65,00,6e,\
00,64,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,00,20,00,72,00,65,00,73,00,\
70,00,6f,00,6e,00,73,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,5c,00,72,00,65,\
00,66,00,75,00,73,00,65,00,20,00,4c,00,4d,00,00,00,35,00,7c,00,53,00,65,00,\
6e,00,64,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,00,20,00,72,00,65,00,73,\
00,70,00,6f,00,6e,00,73,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,5c,00,72,00,\
65,00,66,00,75,00,73,00,65,00,20,00,4c,00,4d,00,20,00,26,00,20,00,4e,00,54,\
00,4c,00,4d,00,00,00,00,00

Set NTLM Security SSP Session

SPECIAL NOTE: Unfortunately this Key is Revoked by Microsoft As it was built under Windows 2019 Server. This is noted in the section above as a big issue, Uncertain if this will cause any other issues in the future.

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/MSV1_0/NTLMMinClientSec]
"ValueType"=dword:00000004
"DisplayType"=dword:00000005
"DisplayName"="Network security: Minimum session security for NTLM SSP based (including secure RPC) clients"
"DisplayFlags"=hex(7):31,00,36,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,\
00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,20,00,69,00,6e,00,74,00,\
65,00,67,00,72,00,69,00,74,00,79,00,00,00,33,00,32,00,7c,00,52,00,65,00,71,\
00,75,00,69,00,72,00,65,00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,\
20,00,63,00,6f,00,6e,00,66,00,69,00,64,00,65,00,6e,00,74,00,69,00,61,00,6c,\
00,69,00,74,00,79,00,00,00,35,00,32,00,34,00,32,00,38,00,38,00,7c,00,52,00,\
65,00,71,00,75,00,69,00,72,00,65,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,\
00,20,00,73,00,65,00,73,00,73,00,69,00,6f,00,6e,00,20,00,73,00,65,00,63,00,\
75,00,72,00,69,00,74,00,79,00,00,00,35,00,33,00,36,00,38,00,37,00,30,00,39,\
00,31,00,32,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,00,20,00,31,00,\
32,00,38,00,2d,00,62,00,69,00,74,00,20,00,65,00,6e,00,63,00,72,00,79,00,70,\
00,74,00,69,00,6f,00,6e,00,00,00,00,00

Set NTLM Security SSP Session Minimum

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/MSV1_0/NTLMMinServerSec]
"ValueType"=dword:00000004
"DisplayType"=dword:00000005
"DisplayName"="Network security: Minimum session security for NTLM SSP based (including secure RPC) servers"
"DisplayFlags"=hex(7):31,00,36,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,\
00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,20,00,69,00,6e,00,74,00,\
65,00,67,00,72,00,69,00,74,00,79,00,00,00,33,00,32,00,7c,00,52,00,65,00,71,\
00,75,00,69,00,72,00,65,00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,\
20,00,63,00,6f,00,6e,00,66,00,69,00,64,00,65,00,6e,00,74,00,69,00,61,00,6c,\
00,69,00,74,00,79,00,00,00,35,00,32,00,34,00,32,00,38,00,38,00,7c,00,52,00,\
65,00,71,00,75,00,69,00,72,00,65,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,\
00,20,00,73,00,65,00,73,00,73,00,69,00,6f,00,6e,00,20,00,73,00,65,00,63,00,\
75,00,72,00,69,00,74,00,79,00,00,00,35,00,33,00,36,00,38,00,37,00,30,00,39,\
00,31,00,32,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,00,20,00,31,00,\
32,00,38,00,2d,00,62,00,69,00,74,00,20,00,65,00,6e,00,63,00,72,00,79,00,70,\
00,74,00,69,00,6f,00,6e,00,00,00,00,00

Set Default System Owner to Administrators Accounts

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/NoDefaultAdminOwner]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="System objects: Default owner for objects created by members of the Administrators group"
"DisplayChoices"=hex(7):30,00,7c,00,41,00,64,00,6d,00,69,00,6e,00,69,00,73,00,\
74,00,72,00,61,00,74,00,6f,00,72,00,73,00,20,00,67,00,72,00,6f,00,75,00,70,\
00,00,00,31,00,7c,00,4f,00,62,00,6a,00,65,00,63,00,74,00,20,00,63,00,72,00,\
65,00,61,00,74,00,6f,00,72,00,00,00,00,00

Do not store UnEncrypted Passwords in Password Manager

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/NoLMHash]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network security: Do not store LAN Manager hash value on next password change"

Do not allow Anonymous enumeration of SAM Accounts and Shares

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/RestrictAnonymous]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network access: Do not allow anonymous enumeration of SAM accounts and shares"

Allow Server Operators to Modify Scheduled Tasks

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/SubmitControl]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain controller: Allow server operators to schedule tasks"

Allow Authenticated Users to Install Print Drivers (Print Nightmare Fix)

SPECIAL NOTE: While this fix may work on 10/11 It likely will not work on XP, but is required for the NESSUS Scanner

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Print/Providers/LanMan Print Services/Servers/AddPrinterDrivers]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Devices: Prevent users from installing printer drivers"

Secure and Encrypt System Shares

SPECIAL NOTE: WARNING!!! IF this System was added back to a domain, you need the STIG Fix for Hardened Security Path to access Domain Shares after this fix.

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/SecurePipeServers/Winreg/AllowedPaths/Machine]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Network access: Remotely accessible registry paths"

Forces Case Sensitive Access when Integrating UNIX/LINUX systems

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Session Manager/Kernel/ObCaseInsensitive]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="System objects: Require case insensitivity for non-Windows subsystems"

Do Not Clear System Page File on Boot

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Session Manager/Memory Management/ClearPageFileAtShutdown]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Shutdown: Clear virtual memory pagefile"

Force AES 265 Encryption on System Internal Objects

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Session Manager/ProtectionMode]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)"

Set Idle Lockout Time

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/AutoDisconnect]
"ValueType"=dword:00000004
"DisplayType"=dword:00000001
"DisplayName"="Microsoft network server: Amount of idle time required before suspending session"
"DisplayUnit"="minutes"

Set User Idle timeout action

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/EnableForcedLogOff]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network server: Disconnect clients when logon hours expire"

Force Digital Signature on Communication

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/EnableSecuritySignature]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network server: Digitally sign communications (if client agrees)"

Disable Anonymous Network Access

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/NullSessionPipes]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Network access: Named Pipes that can be accessed anonymously"

Disable Anonymous Share Access

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/NullSessionShares]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Network access: Shares that can be accessed anonymously"

Only Allow Signed Share Access

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/RequireSecuritySignature]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network server: Digitally sign communications (always)"

Do Not Allow UnEncrypted Passwords on the network

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/EnablePlainTextPassword]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network client: Send unencrypted password to third-party SMB servers"

Do Not Allow Client to Disable Encrypted Communication

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/EnableSecuritySignature]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network client: Digitally sign communications (if server agrees)"

Require All LDAP Communication be Encrypted

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LDAP/LDAPClientIntegrity]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Network security: LDAP client signing requirements"
"DisplayChoices"=hex(7):30,00,7c,00,4e,00,6f,00,6e,00,65,00,00,00,31,00,7c,00,\
4e,00,65,00,67,00,6f,00,74,00,69,00,61,00,74,00,65,00,20,00,73,00,69,00,67,\
00,6e,00,69,00,6e,00,67,00,00,00,32,00,7c,00,52,00,65,00,71,00,75,00,69,00,\
72,00,65,00,20,00,73,00,69,00,67,00,6e,00,69,00,6e,00,67,00,00,00,00,00

Require Passwords be 8 Characters Minimum and meet Compliance Standards of NIST

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/DisablePasswordChange]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Disable machine account password changes"
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/MaximumPasswordAge]
"ValueType"=dword:00000004
"DisplayType"=dword:00000001
"DisplayName"="Domain member: Maximum machine account password age"
"DisplayUnit"="days"
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RefusePasswordChange]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain controller: Refuse machine account password changes"
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RequireSignOrSeal]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Digitally encrypt or sign secure channel data (always)"
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RequireStrongKey]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Require strong (Windows 2000 or later) session key"

Force Secure Signing of Channel Data Required

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/SealSecureChannel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Digitally encrypt secure channel data (when possible)"
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/SignSecureChannel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Digitally sign secure channel data (when possible)"
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/NTDS/Parameters/LDAPServerIntegrity]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Domain controller: LDAP server signing requirements"
"DisplayChoices"=hex(7):31,00,7c,00,4e,00,6f,00,6e,00,65,00,00,00,32,00,7c,00,\
52,00,65,00,71,00,75,00,69,00,72,00,65,00,20,00,73,00,69,00,67,00,6e,00,69,\
00,6e,00,67,00,00,00,00,00

Force Google Chrome TLS 1.2 SSL 3.0

SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF CHROME, THIS REQUIRES ADDITIONAL SOFTWARE

[HKEYLOCALMACHINE\SOFTWARE\Policies\Google\Chrome]
"RemoteAccessHostFirewallTraversal"=dword:00000000
"DefaultPopupsSetting"=dword:00000002
"DefaultGeolocationSetting"=dword:00000002
"DefaultSearchProviderName"="Google Encrypted"
"DefaultSearchProviderEnabled"=dword:00000001
"PasswordManagerEnabled"=dword:00000000
"BackgroundModeEnabled"=dword:00000000
"SyncDisabled"=dword:00000001
"CloudPrintProxyEnabled"=dword:00000000
"MetricsReportingEnabled"=dword:00000000
"SearchSuggestEnabled"=dword:00000000
"ImportSavedPasswords"=dword:00000000
"IncognitoModeAvailability"=dword:00000001
"SavingBrowserHistoryDisabled"=dword:00000000
"AllowDeletingBrowserHistory"=dword:00000000
"PromptForDownloadLocation"=dword:00000001
"AutoplayAllowed"=dword:00000000
"SafeBrowsingExtendedReportingEnabled"=dword:00000000
"DefaultWebUsbGuardSetting"=dword:00000002
"ChromeCleanupEnabled"=dword:00000000
"ChromeCleanupReportingEnabled"=dword:00000000
"EnableMediaRouter"=dword:00000000
"UrlKeyedAnonymizedDataCollectionEnabled"=dword:00000000
"WebRtcEventLogCollectionAllowed"=dword:00000000
"NetworkPredictionOptions"=dword:00000002
"DeveloperToolsAvailability"=dword:00000002
"BrowserGuestModeEnabled"=dword:00000000
"AutofillCreditCardEnabled"=dword:00000000
"AutofillAddressEnabled"=dword:00000000
"ImportAutofillFormData"=dword:00000000
"SafeBrowsingProtectionLevel"=dword:00000001
"DefaultSearchProviderSearchURL"="https://www.google.com/search?q={searchTerms}"
"DownloadRestrictions"=dword:00000001
"DefaultWebBluetoothGuardSetting"=dword:00000002
"QuicAllowed"=dword:00000000
"EnableOnlineRevocationChecks"=dword:00000001
"SSLVersionMin"="tls1.2"

Windows 10 IE Standards

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel]
"History"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Download]
"RunInvalidSignatures"=dword:00000000
"CheckExeSignatures"="yes"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds]
"DisableEnclosureDownload"=dword:00000001
"AllowBasicAuthInClear"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\IEDevTools]
"Disabled"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main]
"NotifyDisableIEOptions"=dword:00000000
"DisableEPMCompat"=dword:00000001
"Isolation64Bit"=dword:00000001
"Isolation"="PMEM"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREDISABLEMKPROTOCOL]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREMIMEHANDLING]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEY
LOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREMIMESNIFFING]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEY
LOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURERESTRICTACTIVEXINSTALL]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEY
LOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURERESTRICTFILEDOWNLOAD]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEY
LOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURESECURITYBAND]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREWINDOWRESTRICTIONS]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREZONEELEVATION]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter]
"PreventOverride"=dword:00000001
"PreventOverrideAppRepUnknown"=dword:00000001
"EnabledV9"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Privacy]
"ClearBrowsingHistoryOnExit"=dword:00000000
"CleanHistory"=dword:00000000
"EnableInPrivateBrowsing"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions]
"NoCrashDetection"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security]
"DisableSecuritySettingsCheck"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\ActiveX]
"BlockNonAdminActiveXInstall"=dword:00000001

Windows 10 MS EDGE Standards

SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF EDGE.

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Internet Settings]
"PreventCertErrorOverrides"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main]
"FormSuggest Passwords"="no"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter]
"PreventOverrideAppRepUnknown"=dword:00000001

Set Hardware Sleep Timers

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Power][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Power\PowerSettings][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51]
"DCSettingIndex"=dword:00000001
"ACSettingIndex"=dword:00000001

Set Internet Options and Internet Settings

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"Securityzonesmapedit"=dword:00000001
"Security
optionsedit"=dword:00000001
"Security
HKLMonly"=dword:00000001
"PreventIgnoreCertErrors"=dword:00000001
"CertificateRevocation"=dword:00000001
"WarnOnBadCertRecving"=dword:00000001
"EnableSSL3Fallback"=dword:00000000
"SecureProtocols"=dword:00000800
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\0]
"1C00"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\1]
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\2]
"1C00"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\4]
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History]
"DaysToKeep"=dword:00000028
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"UNCAsIntranet"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"270C"=dword:00000000
"1C00"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
"270C"=dword:00000000
"1201"=dword:00000003
"1C00"=dword:00010000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"270C"=dword:00000000
"1201"=dword:00000003
"1C00"=dword:00010000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1406"=dword:00000003
"1407"=dword:00000003
"1802"=dword:00000003
"2402"=dword:00000003
"120b"=dword:00000003
"120c"=dword:00000003
"1206"=dword:00000003
"2102"=dword:00000003
"1209"=dword:00000003
"2103"=dword:00000003
"2200"=dword:00000003
"270C"=dword:00000000
"1001"=dword:00000003
"1004"=dword:00000003
"2709"=dword:00000003
"2708"=dword:00000003
"160A"=dword:00000003
"1201"=dword:00000003
"1C00"=dword:00000000
"1804"=dword:00000003
"1A00"=dword:00010000
"1607"=dword:00000003
"2004"=dword:00000003
"2001"=dword:00000003
"1806"=dword:00000001
"1409"=dword:00000000
"2500"=dword:00000000
"2301"=dword:00000000
"1809"=dword:00000000
"1606"=dword:00000003
"2101"=dword:00000003
"140C"=dword:00000003
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4]
"1406"=dword:00000003
"1400"=dword:00000003
"2000"=dword:00000003
"1407"=dword:00000003
"1802"=dword:00000003
"1803"=dword:00000003
"2402"=dword:00000003
"1608"=dword:00000003
"120b"=dword:00000003
"120c"=dword:00000003
"1206"=dword:00000003
"2102"=dword:00000003
"1209"=dword:00000003
"2103"=dword:00000003
"2200"=dword:00000003
"270C"=dword:00000000
"1001"=dword:00000003
"1004"=dword:00000003
"2709"=dword:00000003
"2708"=dword:00000003
"160A"=dword:00000003
"1201"=dword:00000003
"1C00"=dword:00000000
"1804"=dword:00000003
"1A00"=dword:00030000
"1607"=dword:00000003
"2004"=dword:00000003
"1200"=dword:00000003
"1405"=dword:00000003
"1402"=dword:00000003
"1806"=dword:00000003
"1409"=dword:00000000
"2500"=dword:00000000
"2301"=dword:00000000
"1809"=dword:00000000
"1606"=dword:00000003
"2101"=dword:00000003
"2001"=dword:00000003
"140C"=dword:00000003

Set Windows 10 IPSec Security policy Variables

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{72385235-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecFilter"
"description"="Matches all ICMP packets between this computer and any other computer."
"name"="ipsecFilter{72385235-70fa-11d1-864c-14a300000000}"
"ipsecName"="All ICMP Traffic"
"ipsecID"="{72385235-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b5,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,52,00,00,00,01,\
00,00,00,02,00,00,00,00,00,02,00,00,00,00,00,0a,00,00,00,49,00,43,00,4d,00,\
50,00,00,00,e0,0e,bc,51,00,8b,06,46,8f,03,6d,3b,4c,45,5e,ff,01,00,00,00,00,\
00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,\
00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,4e,00,46,00,41,00,7b,00,39,00,37,00,39,00,62,00,39,00,61,00,39,\
00,34,00,2d,00,31,00,37,00,62,00,62,00,2d,00,34,00,31,00,34,00,39,00,2d,00,\
61,00,64,00,36,00,62,00,2d,00,64,00,38,00,64,00,34,00,64,00,31,00,32,00,62,\
00,33,00,64,00,66,00,61,00,7d,00,00,00,53,00,4f,00,46,00,54,00,57,00,41,00,\
52,00,45,00,5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,\
00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,\
00,6c,00,69,00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,\
70,00,73,00,65,00,63,00,4e,00,46,00,41,00,7b,00,61,00,34,00,61,00,61,00,31,\
00,36,00,34,00,30,00,2d,00,31,00,63,00,66,00,64,00,2d,00,34,00,63,00,30,00,\
35,00,2d,00,38,00,34,00,64,00,37,00,2d,00,36,00,33,00,39,00,34,00,64,00,38,\
00,32,00,30,00,62,00,36,00,38,00,38,00,7d,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{7238523a-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecFilter"
"description"="Matches all IP packets from this computer to any other computer, except broadcast, multicast, Kerberos, RSVP and ISAKMP (IKE)."
"name"="ipsecFilter{7238523a-70fa-11d1-864c-14a300000000}"
"ipsecName"="All IP Traffic"
"ipsecID"="{7238523a-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b5,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,4a,00,00,00,01,\
00,00,00,02,00,00,00,00,00,02,00,00,00,00,00,02,00,00,00,00,00,10,4f,8e,d5,\
ca,d5,cc,42,82,d6,af,d5,f8,d3,e8,1b,01,00,00,00,00,00,00,00,ff,ff,ff,ff,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,4e,00,46,00,41,00,7b,00,37,00,30,00,33,00,61,00,30,00,66,00,63,\
00,62,00,2d,00,62,00,35,00,65,00,39,00,2d,00,34,00,32,00,34,00,37,00,2d,00,\
39,00,32,00,65,00,65,00,2d,00,32,00,32,00,30,00,64,00,33,00,38,00,37,00,64,\
00,31,00,30,00,33,00,30,00,7d,00,00,00,53,00,4f,00,46,00,54,00,57,00,41,00,\
52,00,45,00,5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,\
00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,\
00,6c,00,69,00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,\
70,00,73,00,65,00,63,00,4e,00,46,00,41,00,7b,00,38,00,38,00,31,00,38,00,31,\
00,36,00,62,00,39,00,2d,00,35,00,33,00,64,00,30,00,2d,00,34,00,61,00,64,00,\
61,00,2d,00,62,00,33,00,39,00,63,00,2d,00,62,00,34,00,30,00,65,00,39,00,35,\
00,37,00,64,00,34,00,34,00,33,00,37,00,7d,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000}"
"ipsecID"="{72385231-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,50,00,6f,00,6c,00,69,00,63,00,79,00,7b,00,37,00,32,00,33,00,38,\
00,35,00,32,00,33,00,30,00,2d,00,37,00,30,00,66,00,61,00,2d,00,31,00,31,00,\
64,00,31,00,2d,00,38,00,36,00,34,00,63,00,2d,00,31,00,34,00,61,00,33,00,30,\
00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,7d,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000}"
"ipsecID"="{72385234-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000}"
"ipsecID"="{72385237-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,50,00,6f,00,6c,00,69,00,63,00,79,00,7b,00,37,00,32,00,33,00,38,\
00,35,00,32,00,33,00,36,00,2d,00,37,00,30,00,66,00,61,00,2d,00,31,00,31,00,\
64,00,31,00,2d,00,38,00,36,00,34,00,63,00,2d,00,31,00,34,00,61,00,33,00,30,\
00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,7d,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000}"
"ipsecID"="{7238523d-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,50,00,6f,00,6c,00,69,00,63,00,79,00,7b,00,37,00,32,00,33,00,38,\
00,35,00,32,00,33,00,63,00,2d,00,37,00,30,00,66,00,61,00,2d,00,31,00,31,00,\
64,00,31,00,2d,00,38,00,36,00,34,00,63,00,2d,00,31,00,34,00,61,00,33,00,30,\
00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,7d,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{582b2f50-c50e-4fc4-a1ed-e12d52b6f308}]
"ClassName"="ipsecNegotiationPolicy"
"name"="ipsecNegotiationPolicy{582b2f50-c50e-4fc4-a1ed-e12d52b6f308}"
"ipsecID"="{582b2f50-c50e-4fc4-a1ed-e12d52b6f308}"
"ipsecNegotiationPolicyAction"="{8a171dd3-77e3-11d1-8659-a04f00000000}"
"ipsecNegotiationPolicyType"="{62f49e13-6c37-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b9,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,e4,01,00,00,06,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,03,00,\
00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,03,00,00,00,01,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,02,00,00,00,00,00,00,\
00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,\
00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,4e,00,46,00,41,00,7b,00,35,00,38,00,64,00,35,00,63,00,38,00,64,\
00,62,00,2d,00,34,00,33,00,35,00,35,00,2d,00,34,00,32,00,61,00,65,00,2d,00,\
61,00,33,00,32,00,65,00,2d,00,35,00,38,00,31,00,36,00,33,00,30,00,36,00,32,\
00,39,00,34,00,63,00,61,00,7d,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecNegotiationPolicy"
"description"="Accepts unsecured communication, but requests clients to establish trust and security methods. Will communicate insecurely to untrusted clients if they do not respond to request."
"name"="ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}"
"ipsecName"="Request Security (Optional)"
"ipsecID"="{72385233-70fa-11d1-864c-14a300000000}"
"ipsecNegotiationPolicyAction"="{3f91a81a-7647-11d1-864d-d46a00000000}"
"ipsecNegotiationPolicyType"="{62f49e10-6c37-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b9,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,94,01,00,00,05,\
00,00,00,84,03,00,00,a0,86,01,00,00,00,00,00,00,00,00,00,01,00,00,00,03,00,\
00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,84,03,00,00,a0,86,01,00,00,00,00,00,00,00,00,00,01,\
00,00,00,01,00,00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,2c,01,00,00,a0,86,01,0

Set Windows 10 Network Security Variables

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Kernel DMA Protection]
"DeviceEnumerationPolicy"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation]
"AllowInsecureGuestAuth"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\NetCache][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Network Connections]
"NCShowSharedAccessUI"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider][HKEYLOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
"\\\SYSVOL"="RequireMutualAuthentication=1,RequireIntegrity=1"
"\\
\NETLOGON"="RequireMutualAuthentication=1,RequireIntegrity=1"

Disable Lock Screen Camera and Slide-Show

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization]
"NoLockScreenCamera"=dword:00000001
"NoLockScreenSlideshow"=dword:00000001

Lock Down Powershell Commands

SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF POWERSHELL THIS COMMAND IS STRICTLY FOR NESSUS

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging]
"EnableScriptBlockLogging"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription]
"EnableTranscripting"=dword:00000001
"OutputDirectory"="C:\ProgramData\PS_Transcript"

Set Known Software Restriction Policies (Windows 11)

SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF CODEIDENTIFIERS POLICY SETTINGS, THESE UPDATES WILL NOT OFFICIALLY WORK

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"ExecutableTypes"=hex(7):41,00,44,00,45,00,00,00,41,00,44,00,50,00,00,00,42,00,\
41,00,53,00,00,00,42,00,41,00,54,00,00,00,43,00,48,00,4d,00,00,00,43,00,4d,\
00,44,00,00,00,43,00,4f,00,4d,00,00,00,43,00,50,00,4c,00,00,00,43,00,52,00,\
54,00,00,00,45,00,58,00,45,00,00,00,48,00,4c,00,50,00,00,00,48,00,54,00,41,\
00,00,00,49,00,4e,00,46,00,00,00,49,00,4e,00,53,00,00,00,49,00,53,00,50,00,\
00,00,4c,00,4e,00,4b,00,00,00,4d,00,44,00,42,00,00,00,4d,00,44,00,45,00,00,\
00,4d,00,53,00,43,00,00,00,4d,00,53,00,49,00,00,00,4d,00,53,00,50,00,00,00,\
4d,00,53,00,54,00,00,00,4f,00,43,00,58,00,00,00,50,00,43,00,44,00,00,00,50,\
00,49,00,46,00,00,00,52,00,45,00,47,00,00,00,53,00,43,00,52,00,00,00,53,00,\
48,00,53,00,00,00,55,00,52,00,4c,00,00,00,56,00,42,00,00,00,57,00,53,00,43,\
00,00,00,00,00
"TransparentEnabled"=dword:00000001
"DefaultLevel"=dword:00040000
"AuthenticodeEnabled"=dword:00000000
"PolicyScope"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{349d35ab-37b5-462f-9b89-edd5fbde1328}]
"Description"="Stop the download of this file"
"FriendlyName"="Mdac11.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:5e,ab,30,4f,95,7a,49,89,6a,00,6c,1c,31,15,40,15
"LastModified"=hex(b):85,c4,34,dc,19,a2,c2,01
"ItemSize"=hex(b):0b,03,00,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}]
"Description"="Stop the download of this file"
"FriendlyName"="mdac20.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:67,b0,d4,8b,34,3a,3f,d3,bc,e9,dc,64,67,04,f3,94
"LastModified"=hex(b):03,8a,39,dc,19,a2,c2,01
"ItemSize"=hex(b):05,02,00,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}]
"Description"="Stop the download of this file"
"FriendlyName"="mdac20a.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:32,78,02,dc,fe,f8,c8,93,dc,8a,b0,06,dd,84,7d,1d
"LastModified"=hex(b):be,77,45,dc,19,a2,c2,01
"ItemSize"=hex(b):96,03,00,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{94e3e076-8f53-42a5-8411-085bcc18a68d}]
"Description"="Stop the download of this file"
"FriendlyName"="
msadc10.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:bd,9a,2a,db,42,eb,d8,56,0e,25,0e,4d,f8,16,2f,67
"LastModified"=hex(b):81,4f,3e,dc,19,a2,c2,01
"ItemSize"=hex(b):e5,00,00,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}]
"Description"="Stop the download of this file"
"FriendlyName"="msadc11.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:38,6b,08,5f,84,ec,f6,69,d3,6b,95,6a,22,c0,1e,80
"LastModified"=hex(b):40,b2,40,dc,19,a2,c2,01
"ItemSize"=hex(b):72,01,00,00,00,00,00,00
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths{dda3f824-d8cb-441b-834d-be2efd2c1a33}]
"Description"=""
"SaferFlags"=dword:00000000
"ItemData"=hex(2):25,00,48,00,4b,00,45,00,59,00,5f,00,43,00,55,00,52,00,52,00,\
45,00,4e,00,54,00,5f,00,55,00,53,00,45,00,52,00,5c,00,53,00,6f,00,66,00,74,\
00,77,00,61,00,72,00,65,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,\
66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,43,00,75,\
00,72,00,72,00,65,00,6e,00,74,00,56,00,65,00,72,00,73,00,69,00,6f,00,6e,00,\
5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,5c,00,53,00,68,00,65,\
00,6c,00,6c,00,20,00,46,00,6f,00,6c,00,64,00,65,00,72,00,73,00,5c,00,43,00,\
61,00,63,00,68,00,65,00,25,00,4f,00,4c,00,4b,00,2a,00,00,00
"LastModified"=hex(b):de,ce,61,cf,d2,86,da,01

Enable Smart Screen Settings for Windows XP (Windows 11)

SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN SMART SCREEN VARIABLES LIKE THIS. THIS CHANGE CUSTOMIZES THE SECURITY SETTINGS ON XP

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
"DontDisplayNetworkSelectionUI"=dword:00000001
"EnumerateLocalUsers"=dword:00000000
"EnableSmartScreen"=dword:00000001
"ShellSmartScreenLevel"="Block"
"AllowDomainPINLogon"=dword:00000000
"EnableLogonOptimization"=dword:00000001
"SyncModeSlowLinkThreshold"=dword:000001f4
"SyncModeNoDCThreshold"=dword:00001388

Secure Windows RDS Services (TERMINAL SERVICES)

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"fDisableAutoReconnect"=dword:00000001
"fDenyTSConnections"=dword:00000000
"fDisableForcibleLogoff"=dword:00000001
"KeepAliveEnable"=dword:00000000
"MaxInstanceCount"=dword:00000001
"SelectTransport"=dword:00000001
"fSingleSessionPerUser"=dword:00000001
"fAllowUnlistedRemotePrograms"=dword:00000000
"SecurityLayer"=dword:00000000
"UserAuthentication"=dword:00000001
"fAllowToGetHelp"=dword:00000000
"DisablePasswordSaving"=dword:00000001
"fDisableCdm"=dword:00000001
"fPromptForPassword"=dword:00000001
"fEncryptRPCTraffic"=dword:00000001
"MinEncryptionLevel"=dword:00000003
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\AllUserInstallAgent]
"LogonWaitForPackageRegistration"=dword:00000000

Secure Windows Firewall

SPECIAL NOTE: For Obvious Reasons, we can't secure Firewall settings for your home network, however they are configured through SecEdit to match basic requirements.

[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion"=dword:0000021d
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000001
"DefaultOutboundAction"=dword:00000000
"DefaultInboundAction"=dword:00000001
"DisableNotifications"=dword:00000000
"AllowLocalPolicyMerge"=dword:00000001
"AllowLocalIPsecPolicyMerge"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"{30B550DB-C4B8-4A44-A383-D1C7ED13AAE2}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=43389|Name=AllowCustomRDP|"
"{0B7F479C-F8C6-4850-A763-1C2C9B1FE520}"="v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort=3389|Name=DenyDefaultRDP|"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile]
"EnableFirewall"=dword:00000001
"DefaultOutboundAction"=dword:00000000
"DefaultInboundAction"=dword:00000001
"DisableNotifications"=dword:00000000
"AllowLocalPolicyMerge"=dword:00000001
"AllowLocalIPsecPolicyMerge"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile]
"EnableFirewall"=dword:00000001
"DefaultOutboundAction"=dword:00000000
"DefaultInboundAction"=dword:00000001
"DisableNotifications"=dword:00000000
"AllowLocalPolicyMerge"=dword:00000001
"AllowLocalIPsecPolicyMerge"=dword:00000001

Locking Down Firefox Configurations

[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla][HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox]
"SSLVersionMin"="tls1.2"
"ExtensionUpdate"=dword:00000000
"DisableFormHistory"=dword:00000001
"PasswordManagerEnabled"=dword:00000000
"DisableTelemetry"=dword:00000001
"DisableDeveloperTools"=dword:00000001
"DisableForgetButton"=dword:00000001
"DisablePrivateBrowsing"=dword:00000001
"SearchSuggestEnabled"=dword:00000000
"NetworkPrediction"=dword:00000000
"DisableFirefoxAccounts"=dword:00000001
"DisableFeedbackCommands"=dword:00000001
"Preferences"=hex(7):7b,00,00,00,20,00,20,00,22,00,73,00,65,00,63,00,75,00,72,\
00,69,00,74,00,79,00,2e,00,64,00,65,00,66,00,61,00,75,00,6c,00,74,00,5f,00,\
70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,5f,00,63,00,65,00,72,00,74,\
00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,00,\
6c,00,75,00,65,00,22,00,3a,00,20,00,22,00,41,00,73,00,6b,00,20,00,45,00,76,\
00,65,00,72,00,79,00,20,00,54,00,69,00,6d,00,65,00,22,00,2c,00,00,00,20,00,\
20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,00,3a,00,20,\
00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,20,00,7d,00,\
2c,00,00,00,20,00,20,00,22,00,62,00,72,00,6f,00,77,00,73,00,65,00,72,00,2e,\
00,73,00,65,00,61,00,72,00,63,00,68,00,2e,00,75,00,70,00,64,00,61,00,74,00,\
65,00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,\
00,6c,00,75,00,65,00,22,00,3a,00,20,00,66,00,61,00,6c,00,73,00,65,00,2c,00,\
00,00,20,00,20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,\
00,3a,00,20,00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,\
20,00,7d,00,2c,00,00,00,20,00,20,00,22,00,64,00,6f,00,6d,00,2e,00,64,00,69,\
00,73,00,61,00,62,00,6c,00,65,00,5f,00,77,00,69,00,6e,00,64,00,6f,00,77,00,\
5f,00,6d,00,6f,00,76,00,65,00,5f,00,72,00,65,00,73,00,69,00,7a,00,65,00,22,\
00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,00,6c,00,\
75,00,65,00,22,00,3a,00,20,00,74,00,72,00,75,00,65,00,2c,00,00,00,20,00,20,\
00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,00,3a,00,20,00,\
22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,20,00,7d,00,2c,\
00,00,00,20,00,20,00,22,00,64,00,6f,00,6d,00,2e,00,64,00,69,00,73,00,61,00,\
62,00,6c,00,65,00,5f,00,77,00,69,00,6e,00,64,00,6f,00,77,00,5f,00,66,00,6c,\
00,69,00,70,00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,\
56,00,61,00,6c,00,75,00,65,00,22,00,3a,00,20,00,74,00,72,00,75,00,65,00,2c,\
00,00,00,20,00,20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,\
22,00,3a,00,20,00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,\
00,20,00,7d,00,2c,00,00,00,20,00,20,00,20,00,22,00,62,00,72,00,6f,00,77,00,\
73,00,65,00,72,00,2e,00,63,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,62,00,6c,\
00,6f,00,63,00,6b,00,69,00,6e,00,67,00,2e,00,63,00,61,00,74,00,65,00,67,00,\
6f,00,72,00,79,00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,\
00,56,00,61,00,6c,00,75,00,65,00,22,00,3a,00,20,00,22,00,73,00,74,00,72,00,\
69,00,63,00,74,00,22,00,2c,00,00,00,20,00,20,00,20,00,20,00,22,00,53,00,74,\
00,61,00,74,00,75,00,73,00,22,00,3a,00,20,00,22,00,6c,00,6f,00,63,00,6b,00,\
65,00,64,00,22,00,00,00,20,00,20,00,7d,00,2c,00,00,00,20,00,20,00,22,00,65,\
00,78,00,74,00,65,00,6e,00,73,00,69,00,6f,00,6e,00,73,00,2e,00,68,00,74,00,\
6d,00,6c,00,61,00,62,00,6f,00,75,00,74,00,61,00,64,00,64,00,6f,00,6e,00,73,\
00,2e,00,72,00,65,00,63,00,6f,00,6d,00,6d,00,65,00,6e,00,64,00,61,00,74,00,\
69,00,6f,00,6e,00,73,00,2e,00,65,00,6e,00,61,00,62,00,6c,00,65,00,64,00,22,\
00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,00,6c,00,\
75,00,65,00,22,00,3a,00,20,00,66,00,61,00,6c,00,73,00,65,00,2c,00,00,00,20,\
00,20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,00,3a,00,\
20,00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,20,00,7d,\
00,00,00,7d,00,00,00,00,00
"DisablePocket"=dword:00000001
"DisableFirefoxStudies"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\DisabledCiphers]
"TLSRSAWITH3DESEDECBCSHA"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\EnableTrackingProtection]
"Fingerprinting"=dword:00000001
"Cryptomining"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\EncryptedMediaExtensions]
"Enabled"=dword:00000000
"Locked"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\FirefoxHome]
"Search"=dword:00000000
"TopSites"=dword:00000000
"SponsoredTopSites"=dword:00000000
"Highlights"=dword:00000000
"Pocket"=dword:00000000
"SponsoredPocket"=dword:00000000
"Snippets"=dword:00000000
"Locked"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\InstallAddonsPermission]
"Default"=dword:00000000
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\Permissions][HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\Permissions\Autoplay]
"Default"="block-audio-video"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking]
"Default"=dword:00000001
"Locked"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking\Allow]
"1"=".mil"
"2"=".gov"
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\SanitizeOnShutdown]
"Cache"=dword:00000000
"Cookies"=dword:00000000
"Downloads"=dword:00000000
"FormData"=dword:00000000
"History"=dword:00000000
"Sessions"=dword:00000000
"SiteSettings"=dword:00000000
"OfflineApps"=dword:00000000
"Locked"=dword:00000001
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\UserMessaging]
"ExtensionRecommendations"=dword:00000000

Disable Remote Registry Anonymous access

[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
"Description"="Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start."
"DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,00,00
"DisplayName"="Remote Registry"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,00,00
"ObjectName"="NT AUTHORITY\LocalService"
"Group"=""
"Start"=dword:00000004
"Type"=dword:00000020
"FailureActions"=hex:00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,e0,ad,08,\
00,01,00,00,00,e8,03,00,00
"DependOnGroup"=hex(7):00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
72,00,65,00,67,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\
05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,\
23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum]
"0"="Root\LEGACY_REMOTEREGISTRY\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

Disable MIcrosoft Remote Access Help on XP

[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess]
"Type"=dword:00000020
"Start"=dword:00000004
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Routing and Remote Access"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,53,00,00,00,00,00
"DependOnGroup"=hex(7):4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,47,00,72,00,\
6f,00,75,00,70,00,00,00,00,00
"ObjectName"="LocalSystem"
"Description"="Offers routing services to businesses in local area and wide area network environments."
@=""
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers]
"ActiveProvider"="{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"="{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}"
"DisplayName"="RADIUS Accounting"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,\
61,00,73,00,72,00,61,00,64,00,2e,00,64,00,6c,00,6c,00,00,00
"ProviderTypeGUID"="{76560D80-2BFD-11d2-9539-3078302C2030}"
"VendorName"="Microsoft"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"=""
"DisplayName"="Windows Accounting"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,\
70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00
"ProviderTypeGUID"="{76560D81-2BFD-11d2-9539-3078302C2030}"
"VendorName"="Microsoft"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers]
"ActiveProvider"="{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"="{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}"
"DisplayName"="RADIUS Authentication"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,\
61,00,73,00,72,00,61,00,64,00,2e,00,64,00,6c,00,6c,00,00,00
"VendorName"="Microsoft"
"ProviderTypeGUID"="{76560D00-2BFD-11d2-9539-3078302C2030}"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"=""
"DisplayName"="Windows Authentication"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,\
70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00
"VendorName"="Microsoft"
"ProviderTypeGUID"="{76560D01-2BFD-11d2-9539-3078302C2030}"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\DemandDialManager]
"DllPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,\
00,70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces]
"Stamp"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0]
"InterfaceName"="Loopback"
"Type"=dword:00000005
"Enabled"=dword:00000001
"Stamp"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0\Ip]
"ProtocolId"=dword:00000021
"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,38,00,00,\
00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\
07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1]
"InterfaceName"="Internal"
"Type"=dword:00000004
"Enabled"=dword:00000001
"Stamp"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1\Ip]
"ProtocolId"=dword:00000021
"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,38,00,00,\
00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\
07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2]
"InterfaceName"="{029DC097-8FC0-475C-BEB2-112AEB62D7A0}"
"Type"=dword:00000003
"Enabled"=dword:00000001
"Stamp"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2\Ip]
"ProtocolId"=dword:00000021
"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,38,00,00,\
00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\
07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters]
"RouterType"=dword:00000001
"ServerFlags"=dword:00002702
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
6d,00,70,00,72,00,64,00,69,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AppleTalk]
"EnableIn"=dword:00000001
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Ip]
"AllowClientIpAddresses"=dword:00000000
"AllowNetworkAccess"=dword:00000001
"EnableIn"=dword:00000001
"IpAddress"="0.0.0.0"
"IpMask"="0.0.0.0"
"UseDhcpAddressing"=dword:00000001
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Ipx]
"EnableIn"=dword:00000001
"AcceptRemoteNodeNumber"=dword:00000001
"AllowNetworkAccess"=dword:00000001
"AutoWanNetAllocation"=dword:00000001
"FirstWanNet"=dword:00000000
"GlobalWanNet"=dword:00000001
"LastWanNet"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Nbf]
"EnableIn"=dword:00000001
"AllowNetworkAccess"=dword:00000001
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Performance]
"Open"="OpenRasPerformanceData"
"Close"="CloseRasPerformanceData"
"Collect"="CollectRasPerformanceData"
"Library"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,\
00,61,00,73,00,63,00,74,00,72,00,73,00,2e,00,64,00,6c,00,6c,00,00,00
"Last Counter"=dword:00000804
"Last Help"=dword:00000805
"First Counter"=dword:000007de
"First Help"=dword:000007df
"WbemAdapFileSignature"=hex:b0,b0,d7,90,5a,c7,1b,c2,78,f1,7f,45,5e,18,26,11
"WbemAdapFileTime"=hex:00,a0,a1,10,27,9e,c8,01
"WbemAdapFileSize"=dword:00002e00
"WbemAdapStatus"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy]
"ProductDir"="C:\WINDOWS\system32\IAS"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\01]
@="IAS.ProxyPolicyEnforcer"
"Requests"="0 1 2"
"Responses"="0 1 2 3 4"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\02]
@="IAS.NTSamNames"
"Providers"="1"
"Requests"="0"
"Responses"="0 1 3"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\03]
@="IAS.BaseCampHost"
"Requests"="0 1"
"Responses"="0 1 2 4"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\04]
@="IAS.RadiusProxy"
"Providers"="2"
"Responses"="0"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\05]
@="IAS.NTSamAuthentication"
"Providers"="1"
"Requests"="0"
"Responses"="0"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\06]
@="IAS.AccountValidation"
"Providers"="1"
"Requests"="0"
"Responses"="0 1"
"Reasons"="33"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\07]
@="IAS.PolicyEnforcer"
"Providers"="1"
"Requests"="0"
"Responses"="0 1 3"
"Reasons"="33"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\08]
@="IAS.NTSamPerUser"
"Providers"="1"
"Requests"="0"
"Responses"="0 1 3"
"Reasons"="33"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\09]
@="IAS.EAP"
"Providers"="1"
"Requests"="0 2"
"Responses"="0"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\10]
@="IAS.URHandler"
"Providers"="0 1"
"Requests"="0 2"
"Responses"="0 1"
"Reasons"="33"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\11]
@="IAS.ChangePassword"
"Providers"="1"
"Requests"="0"
"Responses"="0 1"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\12]
@="IAS.AuthorizationHost"
"Requests"="0 1 2"
"Responses"="0 1 2 4"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\13]
@="IAS.Accounting"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\14]
@="IAS.MSChapErrorReporter"
"Providers"="0 1"
"Requests"="0"
"Responses"="2"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers]
"Stamp"=dword:00000000
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip]
"ProtocolId"=dword:00000021
"GlobalInfo"=hex:01,00,00,00,80,00,00,00,02,00,00,00,03,00,ff,ff,08,00,00,00,\
01,00,00,00,30,00,00,00,06,00,ff,ff,3c,00,00,00,01,00,00,00,38,00,00,00,00,\
00,00,00,00,00,00,00,01,00,00,00,07,00,00,00,02,00,00,00,01,00,00,00,03,00,\
00,00,0a,00,00,00,16,27,00,00,03,00,00,00,17,27,00,00,05,00,00,00,12,27,00,\
00,07,00,00,00,0d,00,00,00,6e,00,00,00,08,00,00,00,78,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"DLLPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,\
00,70,00,72,00,74,00,72,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

Secure Terminal Access RDP

[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\Console\RDP]
"CdClass"=dword:00000000
"CdDLL"=""
"CdFlag"=dword:00000000
"CdName"=""
"CfgDll"="RDPCFGEX.DLL"
"InteractiveDelay"=dword:00000032
"OutBufDelay"=dword:00000064
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"PdName"="tcp"
"WdDLL"="rdpwd"
"WdFlag"=dword:00000034
"WdName"="Microsoft RDP 5.1"
"WdPrefix"="RDP"
"WsxDLL"="rdpwsx"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"CfgDll"="RDPCFGEX.DLL"
"fEnableWinStation"=dword:00000001
"MaxInstanceCount"=dword:ffffffff
"PdName"="tcp"
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"OutBufLength"=dword:00000212
"OutBufCount"=dword:00000006
"OutBufDelay"=dword:00000064
"InteractiveDelay"=dword:00000032
"PortNumber"=dword:0000a97d
"KeepAliveTimeout"=dword:00000000
"LanAdapter"=dword:00000000
"WdName"="Microsoft RDP 5.1"
"WdDLL"="rdpwd"
"WsxDLL"="rdpwsx"
"WdFlag"=dword:00000036
"InputBufferLength"=dword:00000800
"CdClass"=dword:00000000
"CdName"=""
"CdDLL"=""
"CdFlag"=dword:00000000
"Comment"=""
"fInheritAutoLogon"=dword:00000001
"fInheritResetBroken"=dword:00000001
"fInheritReconnectSame"=dword:00000001
"fInheritInitialProgram"=dword:00000001
"fInheritCallback"=dword:00000000
"fInheritCallbackNumber"=dword:00000001
"fInheritShadow"=dword:00000001
"fInheritMaxSessionTime"=dword:00000001
"fInheritMaxDisconnectionTime"=dword:00000001
"fInheritMaxIdleTime"=dword:00000001
"fInheritAutoClient"=dword:00000001
"fInheritSecurity"=dword:00000000
"fInheritColorDepth"=dword:00000000
"fPromptForPassword"=dword:00000000
"fResetBroken"=dword:00000000
"fReconnectSame"=dword:00000000
"fLogonDisabled"=dword:00000000
"fAutoClientDrives"=dword:00000001
"fAutoClientLpts"=dword:00000001
"fForceClientLptDef"=dword:00000001
"fDisableEncryption"=dword:00000001
"fHomeDirectoryMapRoot"=dword:00000000
"fUseDefaultGina"=dword:00000000
"fDisableCpm"=dword:00000000
"fDisableCdm"=dword:00000000
"fDisableCcm"=dword:00000000
"fDisableLPT"=dword:00000000
"fDisableClip"=dword:00000000
"fDisableExe"=dword:00000000
"fDisableCam"=dword:00000000
"Username"=""
"Domain"=""
"Password"=""
"WorkDirectory"=""
"InitialProgram"=""
"CallbackNumber"=""
"Callback"=dword:00000000
"Shadow"=dword:00000001
"MaxConnectionTime"=dword:00000000
"MaxDisconnectionTime"=dword:00000000
"MaxIdleTime"=dword:00000000
"KeyboardLayout"=dword:00000000
"MinEncryptionLevel"=dword:00000002
"NWLogonServer"=""
"WFProfilePath"=""
"WdPrefix"="RDP"
"TraceEnable"=dword:00000000
"TraceDebugger"=dword:00000000
"TraceClass"=dword:00000000
"ColorDepth"=dword:00000003

Disable Auto-Run Applications

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoWebServices"=dword:00000001
"NoAutorun"=dword:00000001
"NoDriveTypeAutoRun"=dword:000000ff
"NoStartBanner"=dword:00000001
"PreXPSP2ShellProtocolBehavior"=dword:00000000

Disables Option to Run this time, Run Once

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext]
"RunThisTimeEnabled"=dword:00000000
"VersionCheckEnabled"=dword:00000001

Logon Popup Details

SPECIAL NOTE: You can change the LegalNotic, or LegalNoticText to anything you want, but don't use any spaces, and write it like one continuous sentence.

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies ystem]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"="Welcome to Near Nist 800-171 for GraniteXP-2024 Edition"
"legalnoticetext"="NOTICE: This package is a BETA package, and is in development by @GenericTechSupport on Youtube. Subscribers will get updated details as packages are rolled out. Please subscribe to stay up to date on continued improvements. If you have any additional details, or requests, please feel free to leave a comment on the GraniteXP Project Playlist on the @GenericTechSupport youtube Channel. "
"shutdownwithoutlogon"=dword:00000000
"undockwithoutlogon"=dword:00000001
"disablecad"=dword:00000000
"inactivitytimeoutsecs"=dword:00000384
"MSAOptional"=dword:00000001
"DisableAutomaticRestartSignOn"=dword:00000001

WinLogon Variables

[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=dword:00000001
"LegalNoticeCaption"=""
"LegalNoticeText"=""
"PowerdownAfterShutdown"="0"
"ReportBootOk"="1"
"Shell"="Explorer.exe"
"ShutdownWithoutLogon"="0"
"SfcQuota"=dword:ffffffff
"allocatecdroms"="0"
"allocatedasd"="0"
"allocatefloppies"="0"
"forceunlocklogon"=dword:00000000
"passwordexpirywarning"=dword:0000000e
"scremoveoption"="1"
"AllowMultipleTSSessions"=dword:00000000
"UIHost"=hex(2):6c,00,6f,00,67,00,6f,00,6e,00,75,00,69,00,2e,00,65,00,78,00,65,\
00,00,00
"LogonType"=dword:00000000
"DebugServerCommand"="no"
"SFCDisable"=dword:00000000
"WinStationsDisabled"="0"
"HibernationPreviouslyEnabled"=dword:00000001
"ShowLogonOptions"=dword:00000001
"DisableCAD"=dword:00000000
"AutoAdminLogon"="0"

LANMAN Server/Client Settings

[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters]
"enableplaintextpassword"=dword:00000000
"enablesecuritysignature"=dword:00000001
"requiresecuritysignature"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,6b,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"OtherDomains"=hex(7):00,00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"Size"=dword:00000002
"DisableDos"=dword:00000000
"autodisconnect"=dword:0000000f
"enableforcedlogoff"=dword:00000001
"enablesecuritysignature"=dword:00000001
"requiresecuritysignature"=dword:00000001
"NullSessionPipes"=hex(7):43,00,4f,00,4d,00,4e,00,41,00,50,00,00,00,43,00,4f,\
00,4d,00,4e,00,4f,00,44,00,45,00,00,00,53,00,51,00,4c,00,5c,00,51,00,55,00,\
45,00,52,00,59,00,00,00,53,00,50,00,4f,00,4f,00,4c,00,53,00,53,00,00,00,4c,\
00,4c,00,53,00,52,00,50,00,43,00,00,00,62,00,72,00,6f,00,77,00,73,00,65,00,\
72,00,00,00,00,00
"NullSessionShares"=hex(7):43,00,4f,00,4d,00,43,00,46,00,47,00,00,00,44,00,46,\
00,53,00,24,00,00,00,00,00
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
73,00,72,00,76,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"Lmannounce"=dword:00000000
"Guid"=hex:e7,e8,91,4a,c5,2d,f8,49,b2,92,29,e4,87,d6,eb,30
"AdjustedNullSessionPipes"=dword:00000001
"SMB1"=dword:00000000
"restrictnullsessaccess"=dword:00000001
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer]
"Start"=dword:00000004

Cleanup Process

GPO/REG Config Cleanup Final Step Details

Disable System Restore

reg add "HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v DisableSR /t REG_DWORD /d 1 /f

Set Page file to 4GB

reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v PagingFiles /t REGMULTISZ /d "C:\pagefile.sys 4092 4092" /f

Disable System Remote Assistance

reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Remote Assistance" /v fAllowToGetHelp /t REGDWORD /d 0 /freg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Remote Assistance" /v fAllowFullControl /t REGDWORD /d 0 /f

Disable Microsoft Remote Support

reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fAllowToGetHelp /t REG_DWORD /d 0 /f

Disable Application Foreground Boost

reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl" /v Win32PrioritySeparation /t REG_DWORD /d 24 /f

Define RDP Inbound Port

reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d "43389" /f

Windows Service Cleanup

Disable Windows Screen Recording

sc config srservice start= disabled

Disable Shared Resources

sc config browser start= disabled

Disable Windows Help Services

sc config helpsvc start= disabled

Disable Printer Services

sc config spooler start= disabled

Disable Windows Updates Services

sc config wuauserv start= disabled

MISC DATA

GPO/REG Configuration Details

The above is an incomplete list, the Policy configurations have changes slightly over the past year to compensate for additional configurations. It's important to note that while this project is a working project, it's been modeled after a Windows 10 22H2 machine, and there's been a couple of windows 11 Policies Sprinkled in over the year, however, that the configuration is based on a 100% out of the box windows XP SP3 machine, with no updates or any configurations on it. Attempting to install this package on a pre-built or XP system with a ton of stuff on it is a bad idea, and not something recommened.

NEW NETWORK CONFIGURATION

Set the Dynamic RPC Ports

reg add "HKLM\SOFTWARE\Microsoft\Rpc\Internet" /v Ports /t REGMULTISZ /d 4000-4700 /f

Turn on Defined Internet RPC Access Ports

reg add "HKLM\SOFTWARE\Microsoft\Rpc\Internet" /v PortsInternetAvailable /t REG_SZ /d Y /f

Force Use of Internet External RPC Ports

reg add "HKLM\SOFTWARE\Microsoft\Rpc\Internet" /v UseInternetPorts /t REG_SZ /d Y /f

Force Object Linking for DCOM

reg add "HKLM\SOFTWARE\Microsoft\ole" /v EnableDCOM /t REG_SZ /d N /f

Disable DCOM on RPC Protocol

reg add "HKLM\SOFTWARE\Microsoft\Rpc" /v "DCOM Protocols" /t REGMULTISZ /f

Disable SMB Share Access Port

reg add "HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v SMBDeviceEnabled /t REG_DWORD /d 0 /f

Disable LMHost Share Access Port

reg add "HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v EnableLMHOSTS /t REG_DWORD /d 0 /f

Disable Print Spooler Services

sc config spooler start= disabled

Configure Network Firewall Ports

Configure Custom Settings for Network Security

Windows Registry Editor Version 5.00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
00
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Disabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:
:disabled:@xpsp2res.dll,-22019"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clroptimizationv4.0.3031932-1"="V4.0|Action=Block|Dir=In|App=c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe|Svc=clroptimizationv4.0.3031932|Name=Block traffic for clroptimizationv4.0.3031932|"
"clr
optimizationv4.0.3031932-2"="V4.0|Action=Block|Dir=Out|App=c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe|Svc=clroptimizationv4.0.3031932|Name=Block traffic for clroptimizationv4.0.3031932|"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Disabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:
:disabled:@xpsp2res.dll,-22019"
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP::Disabled:Windows Remote Management "
"80:TCP"="80:TCP:
:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) "
"43389:TCP"="43389:TCP:*:Enabled:CustomRDP"

Granite Install Instructions

Package Details

Hardware Requirements

A FRESH INSTALL
Pentium 3 733MHZ or better
(4 Core on ONECOREAPI Mod)
4GB PC133 RAM
(8GB DDR on OneCoreAPI Mod)
40GB IDE HARDDISK
Video Card capable of 1024/768
NO Network Connection Required

Package Contents

00. ReadFirst
01. RegistryMods
02. Updates
03. Cleanup

Step 1: Installation Prep

1. Click on Start
2. Right Click on My Computer
3. Choose Manage
4. Click on Local Users and Groups
5. Click on users
6. Right Click Choose New User
Name: Pete (or whatever you want to name it)
7. Password: 8-12 Characters, 2 special, 2 numbers (Warning Less than 8 characters will cause package to fail)
8. Create
9. Right-Click on Pete
Make him a member of "Administrators" Group.
10. Remove him from Users Group
Save
NOTE: This account only needs to exist, does not need to be the primary account

Step 2: Installation Prep

1. Create a new Folder in C:\ called "Tools"
2. Copy the installation package into that location

Step 3: Installation Mod

1. Open "01. RegistryMods"
2. Right-Click-on "01. POSEnabled" 3. Click on Merge
4. Click on Yes
5. Click on OK
6. Right-Click-on "02. SecurityEnabled"
7. Click on Merge
8. Click on Yes
9. Click on Ok
Reboot the system

Step 4: Installation Updates 1

1. Open "02 Updates"
2. Open Folder "01. WSUSOfflineXP"
3. Double-Click - UpdateInstaller

SELECT OPTIONS
1. Update Root Certificates
2. Install IE 8
3. Update C++ Runtimes
4. Install .net 3.5 SP1
5. Install .net 4.X
6. Install Powershell 2.0
7. Install Management Framework 3.0
8. Update DirectX Runtime
9. Update Windows Media Player
10. Update Remote Desktop Client
11. Automatic Reboot and Recall (Doesn't 100% work)
12. Verify Installation packages

SPECIAL NOTESystem will reboot 3-7 times depending on hardware and other factors.You must Click OK on the Banner data on the logon screen, the system will automatically recall and update after that point.Once completed you will be forced to authenticate to log back into the system.

Step 5: Installation Updates 2

1. Open "02 Updates"
2. Open Folder "02. FullXPUpdates"
3. Double-Click on "00-RunFirst"
When completed the system will automatically reboot.Estimated 2-4min to complete

Step 6: Installation Updates 3

1. Open "02 Updates"
2. Open Folder "02. FullXPUpdates"
3. Double-Click on "00-Run-Second"
When completed the system will automatically reboot.Estimated 4+ Hours to complete

Step 7: Installation Updates 4

1. Open "02 Updates"
2. Open Folder "03. ApplicationRollups"
3. Double-Click on "00-RunLast"
When completed the system will automatically reboot.Estimated 10-20min to complete

Step 8: Installation Cleanup

1. Open "03. Cleanup"
2. Double-Click on "RunLast"
When completed the system will automatically reboot.Estimated 10-20Seconds to complete

Request Ad-Time

Please provide a brief introduction to your product or service, highlighting its technical integrity, testing, and quality.If this is not a technical request, please provide details on the product or service, e.g., lifestyle product, eco-friendly item, home gadget, etc.Please mention any relevant features or qualities, such as sustainability, ease of use, design and any links to studies or details vetting the products quality or function.

GenericTechSupport Business Collaboration request

Collaboration meetings are an essential part of our process, where we work closely with clients to understand their specific needs, discuss potential solutions, and align on goals.These meetings foster open communication and help us provide customized IT support that best suits your business requirements.We are committed to ensuring that every collaboration is productive and results-driven.Use the contact-us details listed here for service

GenericTechSupport MSP Request

We offer a range of pricing options to suit your needs, including flat rates and hourly rates.Whether you require a one-time service or ongoing support, we can customize a solution that fits your budget and ensures you receive the technical assistance you need.Feel free to contact us to discuss the best option for your business.

Have an Idea for a video?

Whether you have a video idea in mind or need assistance learning something new in Technology, feel free to send us a Video Idea. We're here to help!

About TechGuyOne and The GenericTechSupport Youtube Channel.

With over 25 years of extensive experience in the IT and systems engineering field, I have honed my expertise across a broad range of technologies and industries.My journey has led me to work on high-impact projects for multiple high profile organizations, where I was responsible for designing and implementing complex integration and encryption solutions.My technical background spans across various Microsoft server technologies, cloud solutions, security and compliance frameworks, as well as systems and network infrastructure.I have led diverse engineering projects, from Active Directory implementations to designing advanced cloud integrations and supporting legacy systems for some of the largest companies in the world.In multiple roles I have found myself training the more junior engineers and techs, providing them with guidance and direction. These young professionals are who pushed me to start the generictechsupport youtube channel.I specialize in providing expert consulting for businesses seeking tailored IT support, migration solutions, and long-term infrastructure improvements. With a proven track record of ensuring compliance across industries like healthcare, finance, and government, I understand the importance of maintaining a secure and efficient environment.In addition to my technical prowess, I bring a strong set of soft skills to the table, including excellent communication, documentation, and customer service abilities.I have built a reputation for being a collaborative leader, working closely with teams and clients to ensure project success and long-term satisfaction.Whether working on a large-scale migration, designing complex integrations, or providing ongoing IT management and support, I am committed to delivering high-quality, results-driven solutions that enhance operational efficiency and security.

Thank You

Thank you for reaching out!No matter which department you're contacting, we're excited to assist you and look forward to engaging with you in any way we can.

How to Apply WMI in Domain Controllers

Right click WMI Filters, choose New, Name it something, and click on Add, Under the Query, add whatever Query data you want to create the filter from, use the cheat sheet located in the next part of this page, and create the WMI Filter you need to filter.

Windows DESKTOPS WMI Filter List

Windows Desktop OS WMI

Any Windows Desktop OS – Version 1
select * from Win32OperatingSystem WHERE ProductType = "1"
Any Windows Desktop OS – Version 2 (better for Win7 sometimes)
select * from Win32
OperatingSystem WHERE (ProductType <> "2") AND (ProductType <> "3")
Any Windows Desktop OS – 32-bit
select * from Win32OperatingSystem WHERE ProductType = "1" AND NOT OSArchitecture = "64-bit"
Any Windows Desktop OS – 64-bit
select * from Win32
OperatingSystem WHERE ProductType = "1" AND OSArchitecture = "64-bit"

Windows XP OS WMI

Windows XP
select * from Win32OperatingSystem WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1"
Windows XP – 32-bit
select * from Win32
OperatingSystem WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows XP – 64-bit (Excluses IA64 Chip)
select * from Win32_OperatingSystem WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1" AND OSArchitecture = "64-bit"

Windows VISTA OS WMI

Windows Vista
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="1"
Windows Vista – 32-bit
select * from Win32
OperatingSystem WHERE Version like "6.0%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows Vista – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.0%" AND ProductType="1" AND OSArchitecture = "64-bit"

Windows 7 OS WMI

Windows 7
select * from Win32OperatingSystem WHERE Version like "6.1%" AND ProductType="1"
Windows 7 – 32-bit
select * from Win32
OperatingSystem WHERE Version like "6.1%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 7 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.1%" AND ProductType="1" AND OSArchitecture = "64-bit"

Windows 8 OS WMI

Windows 8
select * from Win32OperatingSystem WHERE Version like "6.2%" AND ProductType="1"
Windows 8 – 32-bit
select * from Win32
OperatingSystem WHERE Version like "6.2%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 8 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.2%" AND ProductType="1" AND OSArchitecture = "64-bit"

Windows 8.1 OS WMI

Windows 8.1
select * from Win32OperatingSystem WHERE Version like "6.3%" AND ProductType="1"
Windows 8.1 – 32-bit
select * from Win32
OperatingSystem WHERE Version like "6.3%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 8.1 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.3%" AND ProductType="1" AND OSArchitecture = "64-bit"

Windows 10 OS WMI

Windows 10
select * from Win32OperatingSystem WHERE Version like "10.0.1%" AND ProductType="1"
Windows 10 – 32-bit
select * from Win32
OperatingSystem WHERE Version like "10.0.1%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 10 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "10.0.1%" AND ProductType="1" AND OSArchitecture = "64-bit"

Windows 11 OS WMI

Windows 11
select * from Win32_OperatingSystem WHERE Version like "10.0.2%" AND ProductType="1"

Windows SERVERS WMI Filter List

Windows Server OS WMI

Any Windows Server OS
select * from Win32OperatingSystem where (ProductType = "2") OR (ProductType = "3")
Any Windows Server OS – 32-bit
select * from Win32
OperatingSystem where (ProductType = "2") OR (ProductType = "3") AND NOT OSArchitecture = "64-bit"
Any Windows Server OS – 64-bit
select * from Win32OperatingSystem where (ProductType = "2") OR (ProductType = "3") AND OSArchitecture = "64-bit"
Any Windows Server – Domain Controller
select * from Win32
OperatingSystem where (ProductType = "2")
Any Windows Server – Domain Controller – 32-bit
select * from Win32OperatingSystem where (ProductType = "2") AND NOT OSArchitecture = "64-bit"
Any Windows Server – Domain Controller – 64-bit
select * from Win32
OperatingSystem where (ProductType = "2") AND OSArchitecture = "64-bit"
Any Windows Server – Non-Domain Controller
select * from Win32OperatingSystem where (ProductType = "3")
Any Windows Server – Non- Domain Controller – 32-bit
select * from Win32
OperatingSystem where (ProductType = "3") AND NOT OSArchitecture = "64-bit"
Any Windows Server – Non-Domain Controller – 64-bit
select * from Win32_OperatingSystem where (ProductType = "3") AND OSArchitecture = "64-bit"

Windows Server 2003 WMI

Windows Server 2003 – DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="2"
Windows Server 2003 – non-DC
select * from Win32
OperatingSystem WHERE Version like "5.2%" AND ProductType="3"
Windows Server 2003 – 32-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="2" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 – 32-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "5.2%" AND ProductType="3" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="2" AND OSArchitecture = "64-bit"
Windows Server 2003 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "5.2%" AND ProductType="3" AND OSArchitecture = "64-bit"

Windows Server 2003R2 WMI

Windows Server 2003 R2 – DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="2"
Windows Server 2003 R2 – non-DC
select * from Win32
OperatingSystem WHERE Version like "5.2.3%" AND ProductType="3"
Windows Server 2003 R2 – 32-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="2" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 R2 – 32-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "5.2.3%" AND ProductType="3" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 R2 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="2" AND OSArchitecture = "64-bit"
Windows Server 2003 R2 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "5.2.3%" AND ProductType="3" AND OSArchitecture = "64-bit"

Windows Server 2008 WMI

Windows Server 2008 – DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="2"
Windows Server 2008 – non-DC
select * from Win32
OperatingSystem WHERE Version like "6.0%" AND ProductType="3"
Windows Server 2008 – 32-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="2" AND NOT OSArchitecture = "64-bit"
Windows Server 2008 – 32-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "6.0%" AND ProductType="3" AND NOT OSArchitecture = "64-bit"
Windows Server 2008 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="2" AND OSArchitecture = "64-bit"
Windows Server 2008 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "6.0%" AND ProductType="3" AND OSArchitecture = "64-bit"

Windows Server 2008R2 WMI

Windows Server 2008 R2 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.1%" AND ProductType="2"
Windows Server 2008 R2 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "6.1%" AND ProductType="3"

Windows Server 2012 WMI

Windows Server 2012 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.2%" AND ProductType="2"
Windows Server 2012 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "6.2%" AND ProductType="3"

Windows Server 2012R2 WMI

Windows Server 2012 R2 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.3%" AND ProductType="2"
Windows Server 2012 R2 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "6.3%" AND ProductType="3"

Windows Server 2016 WMI

Windows Server 2016 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.14%" AND ProductType="2"
Windows Server 2016 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "10.0.14%" AND ProductType="3"

Windows Server 2019 WMI

Windows Server 2019 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.17%" AND ProductType="2"
Windows Server 2019 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "10.0.17%" AND ProductType="3"

Windows Server 2022 WMI

Windows Server 2022 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.20%" AND ProductType="2"
Windows Server 2022 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "10.0.20%" AND ProductType="3"

Windows Server 2025 WMI

Windows Server 2025 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.26%" AND ProductType="2"
Windows Server 2025 – 64-bit – non-DC
select * from Win32
OperatingSystem WHERE Version like "10.0.26%" AND ProductType="3"

Under Construction

Fedora Command ListUpdate Commands:
sudo dnf update
sudo dnf upgrade --refresh
--------------------------------
Install Snap:
sudo dnf install snapd
sudo ln -s /var/lib/snapd/snap /snap
--------------------------------
Install Flatpak:
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
------------------------------
Install OBSStudios:
flatpak install flathub com.obsproject.Studio -y
sudo dnf upgrade --refresh
------------------------------
Install OpenShot:
sudo dnf install openshot
------------------------------

How to install Nvidea Drivers

Install NVidea Drivers:
sudo dnf install kernel-devel kernel-headers gcc make dkms acpid libglvnd-glx libglvnd-opengl libglvnd-devel pkgconfig
------------------------------------------------
Free Driver (Open)
sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
------------------------------------------------
Offical NVidea Driver: (closed)
sudo dnf install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
------------------------------------------------
Make the Driver the default:
sudo dnf makecache
sudo dnf install akmod-nvidia xorg-x11-drv-nvidia-cuda
------------------------------------------------
------------------------------------------------

Package Removal Instructions

DNF Removal:
sudo dnf remove Package Name
Snap Removal:
sudo snap remove Package Name
Flatpak Removal:
sudo flatpak remove Package Name

Fedora 41 - Community Reply Video

Update Commands:
sudo dnf update
sudo dnf upgrade --refresh
--------------------------------
Install Snap:
sudo dnf install snapd
sudo ln -s /var/lib/snapd/snap /snap
--------------------------------
Install Flatpak:
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
------------------------------
Install OBSStudios:
flatpak install flathub com.obsproject.Studio -y
sudo dnf upgrade --refresh
------------------------------
Install OpenShot:
sudo dnf install openshot
------------------------------

Package Removal Instructions

DNF Removal:
sudo dnf remove Package Name
Snap Removal:
sudo snap remove Package Name
Flatpak Removal:
sudo flatpak remove Package Name

Debian Repositories

Additional Repositories:
---------------------------------------------
RetroArch:
sudo add-apt-repository ppa:libretro/stable -y
---------------------------------------------
Xbox:
Sudo add-apt-repository ppa:mborgerson/xemu
---------------------------------------------
Firefox Official:
sudo add-apt-repository ppa:mozillateam/ppa
---------------------------------------------
YTDL:
sudo add-apt-repository ppa:tomtomtom/yt-dlp
---------------------------------------------
OBS Studios:
sudo add-apt-repository ppa:obsproject/obs-studio
---------------------------------------------
Steam:
sudo add-apt-repository-multiverse
---------------------------------------------
OpenShot:
sudo add-apt-repository ppa:openshot.developers/ppa -y
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------

SNAP LISTS (Debian, Fedora, ARCH)

Business SNAPS

Install Microsoft Teams
sudo snap install teams-for-linux
--------------------------------------------
Install Slack for Linux
sudo snap install slack
--------------------------------------------
Install VLC Player on Linux
sudo snap install vlc
--------------------------------------------
Install Discord
sudo snap install discord
--------------------------------------------
Snap Store:
sudo snap install snap-store
--------------------------------------------
Open Shot:
sudo snap install openshot-community
--------------------------------------------

Debian Gaming Emulators

Xbox:
sudo apt install xemu
------------------------------------------------
PS3:
Sudo snap install rpcs3-emu
------------------------------------------------
Genesis:
Sudo apt -y install higan
------------------------------------------------
WII:
sudo snap install dolphin-emulator --edge
----
WII-MOTE:
sudo apt install libcwiid1 lswm wmgui wminput
-----
sudo echo "uinput" Shift Period Shift Period /etc/modules
-----
sudo modprobe uinput
------------------------------------------------
SNES:
Sudo apt-get install zsnes
------------------------------------------------
N64:
sudo apt install mupen64plus-qt
------------------------------------------------
PS2:
sudo apt-get install pcsx2
------------------------------------------------
GameBoy Advanced:
sudo snap install visualboyadvance-m --beta
------------------------------------------------
Retro Arcade (arch)
sudo apt install software-properties-common apt-transport-https -y
---
sudo apt install retroarch -y
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------

Basic Fedora Software List

Install a different docking station:
sudo dnf install gnome-shell-extension-dash-to-dock
------------------------------------------------
More Docking station details:
https://extensions.gnome.org/extension/307/dash-to-dock/
------------------------------------------------
Install Snap:
sudo dnf install snapd
sudo dnf update
sudo ln -s /var/lib/snapd/snap /snap
------------------------------------------------
Special Note: Snap Store/App does not work right in Fedora.
------------------------------------------------
Install Steam: (Proton Only)
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm -y
---
sudo dnf config-manager --enable fedora-cisco-openh264 -y
---
sudo dnf config-manager setopt fedora-cisco-openh264.enabled=1
---
sudo dnf install steam -y
------------------------------------------------
Install any .rpm:
rpm -ihv --nodeps package Name
------------------------------------------------
Driver issues:
rpm -qa | grep -e package name
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------

Debian Download Links
Deb Files

All .deb files can be installed by right-clicking and choosing to open with the "GDebi" Package installer.

Fedora Download Links
RPM Files

All .rpm files can be installed by right-clicking and choosing to open with the "Software" installer.

ISO LINKS - FEDORA BASED

ISO LINKS - MISC LINUX ISO

Under Construction

Build Script Details from Video

How to:
Get the Trusted Host (Workgroup Mode) list..
Get-Item WSMan:\localhost\Client\TrustedHosts
How to Set the Trust for WinRM communication:
(MachineA and MachineB)
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'machineA,machineB'
If the above does not work, or still throws an error, try the Asterisk.Set-Item WSMan:\localhost\Client\TrustedHosts -Value '*'Once you have everything on the domain, run the clear command on all boxes to reset the trust.Clear-Item -Path WSMan:\localhost\Client\TrustedHosts -Force

Setting up a share on Core Server

If you want to share a folder named "Bills" and you want to give it read, write and modify access, this is the command.Note: "Bill Access" is the name of the security group we created in AD.New-SmbShare –Name Bills –Path "C:\Network Share\Bills –changeaccess "bill access"If you have a share named "bills" and you want to give it full control.. this is the command (Not recommended, see video for details)New-SmbShare –Name Bills –Path "C:\Network Share\Bills –fullaccess "bill access"

Remove the Share if you screw up

Check your share from CMD: Net shareIf you screwed up the share..Remove-SmbShare -Name "Bills"

Use the links to return to Home or Watch the video

Under Construction

Windows WinGet

Powershell Command

Open Powershell as admin:Add-AppxPackage -RegisterByFamilyName -MainPackage Microsoft.DesktopAppInstaller_8wekyb3d8bbwe

To use the Winget commands:
Open CMD As Admin
(NOTE: you must be a local administrator for this to work, and cannot be logged in as a local user)
winget search (some kind of product)
winget install google.chrome
winget install valve.steam
winget install electronicarts.origin

To Remove an application:winget remove (application ID)
--silent (doesn't work)
NOTE: While Silent doesn't work on all applications, it does on some, and this process is much easier than stumbling through the GUI.

Welcome to all things Debian Wiki

Welcome to the debian Wiki

In this location you will find common commands for application installations that work on all flavors of Debian.

Install Snap:
sudo apt install snapd
--------------------------------------------
Search a snap:
sudo snap search snap name
--------------------------------------------
Install a snap:
sudo snap install package Name
--------------------------------------------
Remove a snap:
sudo snap remove Package Name
--------------------------------------------
Install Flatpak:
sudo apt install flatpak
--------------------------------------------
Search for a flatpak:
sudo flatpak search flatpak name
--------------------------------------------
install a flatpak:
sudo flatpak install flatpak name
--------------------------------------------
Remove a flatpak:
sudo flatpak remove flatpak Name
--------------------------------------------
Install Updates:
sudo apt update -y
sudo apt upgrade -y
--------------------------------------------
Install Apt Packages:
sudo apt install package Name
--------------------------------------------
Search Package names with Apt:
sudo apt search package type
(for instance: sudo apt search google)
--------------------------------------------
remove an apt:
sudo apt remove package name
--------------------------------------------
(NOTE: apt replaces apt-get, if you are on older builds you may need to use apt-get)

How to install XRDP on Mint

sudo apt install xrdp
sudo systemctl enable xrdp
sudo ufw allow 3389
sudo reboot now

Increase your Swap File

Make Page file 8GB (NOTE, you can make this 4GB, or 16GB, or modify whatever number you want of GB)
---------------------------------------------
sudo swapoff -a
---------------------------------------------
sudo fallocate -l 8G /swapfile
---------------------------------------------
sudo chmod 600 /swapfile
---------------------------------------------
sudo mkswap /swapfile
---------------------------------------------
sudo swapon /swapfile
---------------------------------------------
sudo swapon --show
---------------------------------------------

Use the links to return to Home or View Linux Software

See Link for Debian Wiki for more details

Non-Standard Package install details
(XP Version and 10 Version with Snap Packages)

The Snap store installation on this OS is slightly different.Use this process instead of what's in the debian Wiki:Install Snap Configuration:
sudo apt install snapd
---------------------------------------------
Fix the Menu Bug:
sudo apt install xfce4-appfinder -y
sudo apt install exo-utils -y
sudo apt install libexo* -y
sudo reboot now
----------------------------------------------
Follow any additional instructions in the Debian Wiki for more packages and install help.

Windows 10 Version

Things to Note

There's no default update gui package installed.You will likely need to use the gui to at least start the update process at first.sudo apt update
authenticate
At which point the gui should populate available updates. After doing this once I didn't need to do this again, and the Gui just worked.

Use the links to return to Home or Watch the videos, or download the ISO files and try this yourself

NixOS - Coming 2/20/25

How to Install Flatpak on NIX OS

Using Terminal Open
/etc/nixos/configuration.nix
sudo nano /etc/nixos/configuration.nixLocate the section that says "Services"Add this line:services.flatpak.enable = true;Control X to save, and y to save over the other fileNext run: (as sudo)
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
Lastly:
reboot

Command to install flatpaks

Same as all the other flavors of Linux..sudo flatpak search (app Name)
sudo flatpak install (app Name)
If you can't find the package, try to update the repository..sudo flatpak update

Command to install Nix Packages

Much like the Linux Versions of Debian and Fedora
where you get the:
sudo apt install vlc
--or--
sudo dnf install vlc
Nix has it's own application managerto install a nix, you would think sudo nix install vlc, but you would be wrong.Nix uses: sudo nix-env -i vlc to install the same application. (assuming the package exists on Nix)

Sample Bash Script for Debian

This is a sample BASH script created for an automated installation of Linux MINT

#!/bin/sh
# Welcome to the GenericTechSupport Youtube Channel Script, for installing Windows 11 Default Build Replacement applications, Please Note, you will need to install the Steam
# Application and the Snap Repository outside of this script. You Must install Snap before running this script, and must reboot, and must install the steam application after running
# this script and rebooting again. If you add the Steam store installation to this script it will cause the network drivers to fail, and cause the system to lose internet connection.
# You have been warned.
#
#
# To Follow the video save this file as applicationinstall.sh in the home directory
# Feel free to comment out whatever packages you don't want.
#
#
# Install Snap Repositories and updates prior to running this script.
# Snap update will require a reboot
# sudo mv /etc/apt/preferences.d/nosnap.pref ~/Documents/nosnap.backup
# sudo apt update
# sudo apt install snapd
# sudo snap install snap-store
#
#
# Also install VmWare Tools if you are installing this on vmware workstation or player, which will also require a reboot.
# sudo apt-get install open-vm-tools-desktop
# sudo apt-get install open-vm-tools
#
#
# update Repositories
sudo apt-get update
#
# Add the Multiverse repository, needed for steam
sudo add-apt-repository multiverse
#
# Add the Mozilla Repository, needed to update firefox.
sudo add-apt-repository ppa:mozillateam/ppa -y
#
# Add the YT DLP Repository, added for downloading media online.
sudo add-apt-repository ppa:tomtomtom/yt-dlp -y
#
# Add the OBS Project repository, needed for OBS-Studios
sudo add-apt-repository ppa:obsproject/obs-studio -y
#
# Add the OpenShot repository, needed for openshot video editing
sudo add-apt-repository ppa:openshot.developers/ppa -y
#
# download the Software needed for the apt repository
#
# Download the Office Apps debian application for office apps on o365
wget http://sourceforge.net/projects/microsoftonlineapps/files/v1.0.0/microsoftonlineapps.deb/download -P ./Downloads/Microsoft
#
# Download new Chrome, for Chrome Browser on Linux
wget https://dl.google.com/linux/direct/google-chrome-stablecurrentamd64.deb -P ./Downloads
#
# Download Zoom for Linux
wget https://zoom.us/client/6.3.1.5673/zoom_amd64.deb -P ./Downloads
#
# update the packages and repository options for next installation steps.
sudo apt-get update
#
# Install the Apt Repo Applications
#
# Install the Application YT Downloader
sudo apt-get install yt-dlp -y
#
# Install the OSB Studios Application
sudo apt-get install obs-studio -y
#
# Install the Openshot video Editor Software
sudo apt-get install openshot-qt python3-openshot -y
#
# Install the Custom Downloaded Packages
#
# Install the Microsoft Office Apps Package for Linux
sudo dpkg -i ~/Downloads/Microsoft/download
#
# Install the Chrome Browser on Linux
sudo dpkg -i ~/Downloads/google-chrome-stable.deb
#
# Install Zoom on Linux
sudo dpkg -i ~/Downloads/zoom
.deb
#
# Install the Snaps
#
# Install Microsoft Teams
sudo snap install teams-for-linux
#
# Install Slack for Linux
sudo snap install slack
#
# Install VLC Player on Linux
sudo snap install vlc
#
# Install the Discord application on Linux
sudo snap install discord
#
# Upgrade the packages to latest version
sudo apt-get update
sudo apt-get upgrade -y
#
# Cleanup all cached data, Low on drive space option.
# sudo apt-get clean
#
# Cleanup downloaded apt packages, Low on drive space option.
# rm -rf ./Downloads/*
#
# Fix any encountered errors, common issue on discord application for some reason..
sudo apt --fix-broken install -y
#
# Reboot the system
sudo reboot now
#
# You must reboot to install Steam, please grab the bellow line and install outside of this script.
#
#
# WARNING - Steam has a lot of dependencies and may cause issues with NIC and other drivers, make sure all updates are done and a reboot is complete before running install for steam.
# sudo apt-get update
# sudo apt-get upgrade -y
# sudo apt-get dist-upgrade -y
# sudo do-release-upgrade -y
# sudo apt-get install steam -y
#

Kali Video - 2/14/25

Application Name:dnsrecon -d nameofdomain.com

Output will provide deep troubleshooting details on DNS server or configuration.NOTE: This is for Website lookup or to troubleshoot your internal network, not designed for any illegal activity.

Raven Talon Debloater Tool - A full Dissection
Watch the breakdown on 2/25/25

!!!WARNING!!!

Before running the debloater scripts, make sure you have notepad++ and Firefox installed on your system. This was only tested on 24H2 as a clean build, use this at your own risk for pre-built systems.

This document contains the itemized process of cleaning up the bloat in stages, For a much easier process, use the Raven Talon "Debloater application" found on the Raven Git Website.

Please Donate to their project, it helps our tech community continue to develop free packages

Edge Pin Removal Script

Run the script as admin in Powershell and the Menu cleanup and
reboot afterwards:
------------------------------------------
function Unpin-App([string]$appname) {
((New-Object -Com Shell.Application).NameSpace('shell:::{4234d49b-0245-4df3-b780-3893943456e1}').Items() |
?{$.Name -eq $appname}).Verbs() | ?{$.Name.replace('&','') -match 'Unpin from taskbar'} | %{$_.DoIt()}
}
Unpin-App("Microsoft Edge")

Windows Menu Cleanup Windows 11

Run as admin in powershell or cmd, and reboot when completed.
---------------------------------------------
reg add "HKCU\Software\Classes\CLSID{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve

REBOOT NOW

Microsoft Edge Removal Powershell Script

Run the following as a PS1 file as admin

if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
Write-Host "This script must be run with administrator rights!" -ForegroundColor Red
Break
}
Write-Host "Edge Vanisher started" -ForegroundColor Yellow
Write-Host "Starting Microsoft Edge uninstallation process..." -ForegroundColor Yellow
Write-Host "Terminating Edge processes..." -ForegroundColor Cyan
$processes = Get-Process | Where-Object { $.Name -like "edge" }
if ($processes) {
$processes | ForEach-Object {
Write-Host "Terminated process: $($
.Name) (PID: $($.Id))" -ForegroundColor Cyan
}
$processes | Stop-Process -Force -ErrorAction SilentlyContinue
} else {
Write-Host "No running Edge processes found." -ForegroundColor Cyan
}
Write-Host "Uninstalling Edge with setup..." -ForegroundColor Cyan
$edgePath = "${env:ProgramFiles(x86)}\Microsoft\Edge\Application*\Installer etup.exe"
if (Test-Path $edgePath) {
Start-Process -FilePath $(Resolve-Path $edgePath) -ArgumentList "--uninstall --system-level --verbose-logging --force-uninstall" -Wait
}
Write-Host "Removing Start Menu shortcuts..." -ForegroundColor Cyan
$startMenuPaths = @(
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk",
"$env:ALLUSERSPROFILE\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk"
)
foreach ($path in $startMenuPaths) {
if (Test-Path $path) {
Write-Host "Deleting: $path" -ForegroundColor Cyan
Remove-Item -Path $path -Force -ErrorAction SilentlyContinue
if (!(Test-Path $path)) {
Write-Host "Successfully deleted: $path" -ForegroundColor Green
} else {
Write-Host "Failed to delete: $path" -ForegroundColor Red
}
}
}
Write-Host "Cleaning Edge folders..." -ForegroundColor Cyan
$edgePaths = @(
"$env:LOCALAPPDATA\Microsoft\Edge",
"$env:PROGRAMFILES\Microsoft\Edge",
"${env:ProgramFiles(x86)}\Microsoft\Edge",
"${env:ProgramFiles(x86)}\Microsoft\EdgeUpdate",
"${env:ProgramFiles(x86)}\Microsoft\EdgeCore",
"$env:LOCALAPPDATA\Microsoft\EdgeUpdate",
"$env:PROGRAMDATA\Microsoft\EdgeUpdate",
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk",
"$env:PUBLIC\Desktop\Microsoft Edge.lnk"
)
foreach ($path in $edgePaths) {
if (Test-Path $path) {
Write-Host "Cleaning: $path" -ForegroundColor Cyan
takeown /F $path /R /D Y | Out-Null
icacls $path /grant administrators:F /T | Out-Null
Remove-Item -Path $path -Recurse -Force -ErrorAction SilentlyContinue
}
}
Write-Host "Cleaning Edge registry entries..." -ForegroundColor Cyan
$edgeRegKeys = @(
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge",
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update",
"HKLM:\SOFTWARE\Microsoft\EdgeUpdate",
"HKCU:\Software\Microsoft\Edge",
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msedge.exe",
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft EdgeUpdate",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft EdgeUpdate",
"HKLM:\SOFTWARE\Microsoft\Edge",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Edge",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update"
)
foreach ($key in $edgeRegKeys) {
if (Test-Path $key) {
Write-Host "Deleting registry key: $key" -ForegroundColor Cyan
Remove-Item -Path $key -Recurse -Force -ErrorAction SilentlyContinue
if (!(Test-Path $key)) {
Write-Host "Successfully deleted registry key: $key" -ForegroundColor Green
} else {
Write-Host "Failed to delete registry key: $key" -ForegroundColor Red
}
}
}
$edgeUpdatePath = "${env:ProgramFiles(x86)}\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe"
if (Test-Path $edgeUpdatePath) {
Start-Process $edgeUpdatePath -ArgumentList "/uninstall" -Wait -ErrorAction SilentlyContinue
}
$services = @(
"edgeupdate",
"edgeupdatem",
"MicrosoftEdgeElevationService"
)
foreach ($service in $services) {
Stop-Service -Name $service -Force -ErrorAction SilentlyContinue
sc.exe delete $service
}
$edgeSetup = Get-ChildItem -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application*\Installer etup.exe" -ErrorAction SilentlyContinue
if ($edgeSetup) {
Start-Process $edgeSetup.FullName -ArgumentList "--uninstall --system-level --verbose-logging --force-uninstall" -Wait
}
Stop-Process -Name explorer -Force -ErrorAction SilentlyContinue
Start-Process explorer
Write-Host "`nMicrosoft Edge uninstallation process completed!" -ForegroundColor Green
Write-Host "Creating protective Edge folders..." -ForegroundColor Cyan
$protectiveFolders = @(
@{
Base = "${env:ProgramFiles(x86)}\Microsoft\Edge"
App = "${env:ProgramFiles(x86)}\Microsoft\Edge\Application"
CreateSubFolder = $true
},
@{
Base = "${env:ProgramFiles(x86)}\Microsoft\EdgeCore"
CreateSubFolder = $false
}
)
foreach ($folder in $protectiveFolders) {
# Create folders
New-Item -Path $folder.Base -ItemType Directory -Force | Out-Null
if ($folder.CreateSubFolder) {
New-Item -Path $folder.App -ItemType Directory -Force | Out-Null
}
Write-Host "Processing protective folder: $($folder.Base)" -ForegroundColor Cyan
$currentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Namefolder only for EdgeCore
if (!$folder.CreateSubFolder) {
try {
$acl = New-Object System.Security.AccessControl.DirectorySecurity
$acl.SetOwner([System.Security.Principal.NTAccount]$currentUser)
$acl.SetAccessRuleProtection($true, $false)
including take ownership permission
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
$currentUser,
"FullControl,TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Allow"
)
$acl.AddAccessRule($accessRule)
permission for SYSTEM, Administrators and Trusted Installer
$systemSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-18")
$adminsSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$trustedInstallerSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464")
$authenticatedUsersSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-11")
$denyRule1 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$systemSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule2 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$adminsSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule3 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$trustedInstallerSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule4 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$authenticatedUsersSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$acl.AddAccessRule($denyRule1)
$acl.AddAccessRule($denyRule2)
$acl.AddAccessRule($denyRule3)
$acl.AddAccessRule($denyRule4)
Set-Acl $folder.Base $acl -ErrorAction Stop
Write-Host "Success: $($folder.Base)" -ForegroundColor Green
}
catch {
Write-Host "Error occurred: $($folder.Base) - $
" -ForegroundColor Red
}
}
else {Get-ChildItem -Path $folder.Base -Recurse | ForEach-Object {
try {
$acl = New-Object System.Security.AccessControl.DirectorySecurity
$acl.SetOwner([System.Security.Principal.NTAccount]$currentUser)$acl.SetAccessRuleProtection($true, $false)permission including take ownership permission
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
$currentUser,
"FullControl,TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Allow"
)
$acl.AddAccessRule($accessRule)
$systemSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-18")
$adminsSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$trustedInstallerSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464")
$authenticatedUsersSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-11")
$denyRule1 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$systemSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule2 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$adminsSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule3 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$trustedInstallerSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule4 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$authenticatedUsersSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$acl.AddAccessRule($denyRule1)
$acl.AddAccessRule($denyRule2)
$acl.AddAccessRule($denyRule3)
$acl.AddAccessRule($denyRule4)
Set-Acl $.FullName $acl -ErrorAction Stop
Write-Host "Success: $($
.FullName)" -ForegroundColor Green
}
catch {
Write-Host "Error occurred: $($.FullName) - $" -ForegroundColor Blue
}
}
}
}
Write-Host "Protective folders created and security settings configured for Edge and EdgeCore." -ForegroundColor Purple

NOTE: You will need to reboot after you run this.

Find your AppX Packages for your user

Run the following as a PS1 file as admin

mkdir c:\tools
Get-AppXPackage > C:\tools\AppXPackages.Log

Find your AppX Packages for Public Users

Run the following as a PS1 file as admin

mkdir c:\tools
Get-AppXPackage -allusers > C:\tools\AppXAllUsers.Log

Remove All AppX Packages from 24H2

Run the following as a PS1 file as admin

# Remove Applications HKCU (user Account)
Get-AppxPackage -name msteams | remove-appxpackage
Get-AppxPackage -name Microsoft.StorePurchaseApp | remove-appxpackage
Get-AppxPackage -name Microsoft.Todos | remove-appxpackage
Get-AppxPackage -name MicrosoftCorporationII.QuickAssist | remove-appxpackage
Get-AppxPackage -name Microsoft.YourPhone | remove-appxpackage
Get-AppxPackage -name Microsoft.XboxSpeechToTextOverlay | remove-appxpackage
Get-AppxPackage -name Microsoft.XboxGamingOverlay | remove-appxpackage
Get-AppxPackage -name Microsoft.Xbox.TCUI | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsSoundRecorder | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsFeedbackHub | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsCamera | remove-appxpackage
Get-AppxPackage -name Microsoft.Windows.Photos | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsCalculator | remove-appxpackage
Get-AppxPackage -name Microsoft.Windows.DevHome | remove-appxpackage
Get-AppxPackage -name Microsoft.WebpImageExtension | remove-appxpackage
Get-AppxPackage -name Microsoft.WebMediaExtensions | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftStickyNotes | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftSolitaireCollection | remove-appxpackage
Get-AppxPackage -name Microsoft.GetHelp | remove-appxpackage
Get-AppxPackage -name Microsoft.GamingApp | remove-appxpackage
Get-AppxPackage -name Microsoft.BingWeather | remove-appxpackage
Get-AppxPackage -name Microsoft.BingSearch | remove-appxpackage
Get-AppxPackage -name Microsoft.BingNews | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftEdge.Stable | remove-appxpackage
Get-AppxPackage -name Microsoft.Copilot | remove-appxpackage
Get-AppxPackage -name MicrosoftWindows.Client.WebExperience | remove-appxpackage
Get-AppxPackage -name Microsoft.zunemusic | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsStore | remove-appxpackage
Get-AppxPackage -name Microsoft.XboxIdentityProvider | remove-appxpackage
Get-AppxPackage -name Microsoft.ScreenSketch | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsAlarms | remove-appxpackage
Get-AppxPackage -name Microsoft.PowerAutomateDesktop | remove-appxpackage
Get-AppxPackage -name Microsoft.OutlookForWindows | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftOfficeHub | remove-appxpackage
#Remove Applications HKLM (Public)
Get-AppxPackage -allusers -name Microsoft.MicrosoftOfficeHub | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.MicrosoftEdge.Stable | remove-appxpackage
Get-AppxPackage -allusers -name Clipchamp.Clipchamp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.BingNews | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.BingSearch | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.BingWeather | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.GamingApp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.GetHelp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.OutlookForWindows | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.PowerAutomateDesktop | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.ScreenSketch | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.StorePurchaseApp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Todos | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WebpImageExtension | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WebMediaExtensions | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Windows.DevHome | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Windows.Photos | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsAlarms | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsFeedbackHub | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsSoundRecorder | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsStore | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Xbox.TCUI | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.XboxGamingOverlay | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.XboxIdentityProvider | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.XboxSpeechToTextOverlay | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.YourPhone | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.ZuneMusic | remove-appxpackage
Get-AppxPackage -allusers -name MicrosoftCorporationII.QuickAssist | remove-appxpackage
Get-AppxPackage -allusers -name MicrosoftWindows.Client.WebExperience | remove-appxpackage
Get-AppxPackage -allusers -name MicrosoftWindows.CrossDevice | remove-appxpackage
Get-AppxPackage -allusers -name MSTeams | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Copilot | remove-appxpackage

REBOOT WHEN COMPLETED

Cleanup Task Scheduler 24H2

Run the following as a PS1 file as admin

Get-ScheduledTask -TaskPath "" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\AppID" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Application Experience" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\ApplicationData" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\AppListBackup" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\BrokerInfrastructure" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\capabilityaccessmanager" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\CloudExperienceHost" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\CloudRestore" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Offline Files" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\SystemRestore" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\XblGameSave\ " | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\DiskDiagnostic" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "Microsoft\Windows\Customer Experience Improvement program" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Feedback\Siuf" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Windows Error Reporting" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Maps" | Disable-ScheduledTask

NOTE: THERE'S a BUG AS SHOWN IN THE VIDEO

REBOOT WHEN COMPLETED

Remove Onedrive 24H2

Run the following as a PS1 file as admin

Get-Process | Where-Object { $.ProcessName -like "onedrive" } | Stop-Process -Force
if (Test-Path "$env:SystemRoot\SysWOW64\OneDriveSetup.exe") {
& "$env:SystemRoot\SysWOW64\OneDriveSetup.exe" /uninstall
} elseif (Test-Path "$env:SystemRoot\System32\OneDriveSetup.exe") {
& "$env:SystemRoot\System32\OneDriveSetup.exe" /uninstall
}
@(
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk",
"$env:PUBLIC\Desktop\OneDrive.lnk",
"$env:USERPROFILE\Desktop\OneDrive.lnk",
"$env:USERPROFILE\OneDrive",
"$env:LOCALAPPDATA\Microsoft\OneDrive",
"$env:ProgramData\Microsoft\OneDrive",
"$env:SystemDrive\OneDriveTemp"
) | ForEach-Object { Remove-Item $
-Force -Recurse }@(
"HKCR:\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}",
"HKCR:\Wow6432Node\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
) | ForEach-Object { Remove-Item -Path $_ -Recurse -Force }
Get-Process explorer | Stop-Process -Force
Start-Sleep -Seconds 2
Start-Process explorer

REBOOT WHEN COMPLETED

Remove Microsoft Office 24H2

Run the following as a PS1 file as admin

Get-Process | Where-Object { $.ProcessName -like "outlook" } | Stop-Process -Force
Start-Sleep -Seconds 3
Get-AppxPackage Microsoft.Office.Outlook | Remove-AppxPackage
Get-AppxProvisionedPackage -Online | Where-Object {$
.PackageName -like "Microsoft.Office.Outlook"} | Remove-AppxProvisionedPackage -Online
Get-AppxPackage Microsoft.OutlookForWindows | Remove-AppxPackage
Get-AppxProvisionedPackage -Online | Where-Object {$.PackageName -like "Microsoft.OutlookForWindows"} | Remove-AppxProvisionedPackage -Online$windowsAppsPath = "C:\Program Files\WindowsApps"
$outlookFolders = Get-ChildItem -Path $windowsAppsPath -Directory | Where-Object { $
.Name -like "Microsoft.OutlookForWindows" }
foreach ($folder in $outlookFolders) {
$folderPath = Join-Path $windowsAppsPath $folder.Name
takeown /f $folderPath /r /d Y | Out-Null
icacls $folderPath /grant administrators:F /t | Out-Null
Remove-Item -Path $folderPath -Recurse -Force
}$shortcutPaths = @(
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Outlook.lnk",
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outlook.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outlook.lnk",
"$env:PUBLIC\Desktop\Outlook.lnk",
"$env:USERPROFILE\Desktop\Outlook.lnk",
"$env:PUBLIC\Desktop\Microsoft Outlook.lnk",
"$env:USERPROFILE\Desktop\Microsoft Outlook.lnk",
"$env:PUBLIC\Desktop\Outlook (New).lnk",
"$env:USERPROFILE\Desktop\Outlook (New).lnk",
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (New).lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Outlook (New).lnk"
)
$shortcutPaths | ForEach-Object { Remove-Item $_ -Force }
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "ShowTaskViewButton" -Value 0 -Type DWord -Force
$registryPaths = @(
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\TaskbarMRU",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\TaskBar",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
)
foreach ($path in $registryPaths) {
if (Test-Path $path) {
@("Favorites", "FavoritesResolve", "FavoritesChanges", "FavoritesRemovedChanges", "TaskbarWinXP", "PinnedItems") |
ForEach-Object { Remove-ItemProperty -Path $path -Name $_ -ErrorAction SilentlyContinue }
}
}
Remove-Item "$env:LOCALAPPDATA\Microsoft\Windows\Shell\LayoutModification.xml" -Force
Remove-Item "$env:LOCALAPPDATA\Microsoft\Windows\Explorer\iconcache
" -Force
Remove-Item "$env:LOCALAPPDATA\Microsoft\Windows\Explorer\thumbcache*" -ForceGet-Process explorer | Stop-Process -Force
Start-Sleep -Seconds 2
Start-Process explorer

REBOOT WHEN COMPLETED

Service Console Disable 24H2

Run the following as a bat file as admin

# Stops Xbox Accessory Integrations
sc config "xboxgipsvc" start=disabled
sc stop xboxgipsvc
# Stops Xbox Authentication Manager
sc config "XblAuthManager" start=disabled
sc stop XblAuthManager
# Stops Windows/Xbox Game Sync
sc config "XblGameSave" start=disabled
sc stop XblGameSave
# Stops Xbox Online sync
sc config "XboxNetApiSvc" start=disabled
sc stop XboxNetApiSvc
#stops Microsoft Account authentication
sc config "wlidsvc" start=disabled
sc stop wlidsvc
# Stops the AI Fabric Applications from connecting online
sc config "WSAIFabricSvc" start=disabled
sc stop WSAIFabricSvc
# Removes Syncing of all files accross all windows systems
sc config "workfolderssvc" start=disabled
sc stop workfolderssvc
# Removes Windows Store Push applications options
sc config "PushToInstall" start=disabled
sc stop PushToInstall
# Removes AI Camera options
sc config "perceptionsimulation" start=disabled
sc stop perceptionsimulation
# Disables Media Player File Share and Telemetery
sc config "WMPNetworkSvc" start=disabled
sc stop WMPNetworkSvc
# Removes the option for windows Insider Program to work
sc config "wisvc" start=disabled
sc stop wisvc
# Removes Windows Event Log access from online services from Microsoft.
sc config "Wecsvc" start=disabled
sc stop Wecsvc
# Disables remote camera access from 3rd party applications
sc config "FrameServer" start=disabled
sc stop FrameServer
# Disables Windows Hello, and removes biometric online data storage
sc config "WbioSrvc" start=disabled
sc stop WbioSrvc
# Disables Windows backup options
sc config "SDRSVC" start=disabled
sc stop SDRSVC
# Disables Wireless Docking Functions
sc config "WFDSConMgrSvc" start=disabled
sc stop WFDSConMgrSvc
# Removes Windows Wallet from storing financial data on microsoft servers
sc config "WalletService" start=disabled
sc stop WalletService
# Disables backups, system restore and data recovery methods.
sc config "VSS" start=disabled
sc stop VSS
# Disables access to user data for online roaming profiles.
sc config "UevAgentService" start=disabled
sc stop UevAgentService
# Provides online access to event logs
sc config "SNMPTrap" start=disabled
sc stop SNMPTrap
# Disables Smartcard access
sc config "SCPolicySvc" start=disabled
sc stop SCPolicySvc
# Disables Smartcard API access
sc config "ScDeviceEnum" start=disabled
sc stop ScDeviceEnum
# Disables Smart card reader
sc config "SCardSvr" start=disabled
sc stop SCardSvr
# Sets the lighting settings for monitors on bright or dim lighting.
sc config "SensrSvc" start=disabled
sc stop SensrSvc
# Removes System Demo Mode option
sc config "RetailDemo" start=disabled
sc stop RetailDemo
# Allows remote access to system without authentication
sc config "RasAuto" start=disabled
sc stop RasAuto
# Automatic Windows Help Services
sc config "TroubleshootingSvc" start=disabled
sc stop TroubleshootingSvc
# Automatic Data reporting (troubleshooting and Help)
sc config "wercplsupport" start=disabled
sc stop wercplsupport
# Used for stylus and touch screens.
sc config "PenService" start=disabled
sc stop PenService
sc config "PenService3395a" start=disabled
sc stop PenService
3395a
# Parental Controls
sc config "WpcMonSvc" start=disabled
sc stop WpcMonSvc
# Unknown Plan9 Server Services, only aware of this in Bell Labs 1980s.
sc config "P9RdrService" start=disabled
sc stop P9RdrService
sc config "P9RdrService3395a" Start=disabled
sc stop P9RdrService
3395a
# Disables offline file sync
sc config "CscService" start=disabled
sc stop CscService
# Location Awareness Service
sc config "NaturalAuthentication" start=disabled
sc stop NaturalAuthentication
# Microsoft Store Installation Automatic updater service
sc config "InstallService" start=disabled
sc stop InstallService
# Edge Disable Service
sc config "edgeupdatem" start=disabled
sc stop edgeupdatem
# More Edge stuff
sc config "edgeupdate" start=disabled
sc stop edgeupdate
# Engless Edge Garbage
sc config "MicrosoftEdgeElevationService" start=disabled
sc stop MicrosoftEdgeElevationService
# MS Cloud authentication and access
sc config "cloudidsvc" start=disabled
sc stop cloudidsvc
# MS Text messaging recording app
sc config "MessagingService" start=disabled
sc config "MessagingService3395a" start=disabled
sc config "DeviceAssociationBrokerSvc
3395a" start=disabled
sc stop MessagingService
sc stop DeviceAssociationBrokerSvc3395a
sc stop MessagingService
3395a
# Desktop Sharing Application
sc config "BcastDVRUserServic" start=disabled
sc stop BcastDVRUserService
sc config "BcastDVRUserService3395a" start=disabled
sc stop BcastDVRUserService
3395a
# Network Device discovery services
sc config "DevQueryBroker" start=disabled
sc stop DevQueryBroker
# Miracast Services
sc config "DevicePickerUserSvc" start=disabled
sc config "DevicePickerUserSvc3395a" start=disabled
sc stop DevicePickerUserSvc
3395a
sc stop DevicePickerUserSvc
# Automatic Credential Broker service
sc config "CredentialEnrollmentManagerUserSvc" start=disabled
sc config "CredentialEnrollmentManagerUserSvc3395a" start=disabled
sc stop CredentialEnrollmentManagerUserSvc
3395a
sc stop CredentialEnrollmentManagerUserSvcacd8f
# Allows Apps from the internet to access device location services
sc config "ConsentUxUserSvc" start=disabled
sc stop ConsentUxUserSvc
# Allows Apps from the internet to access device location services
sc config "ConsentUxUserSvc
3395a" start=disabled
sc stop ConsentUxUserSvc3395a
# disables Device api flow for user sync data with microsoft
sc config "DevicesFlowUserSvc
3395a" start=disabled
sc stop DevicesFlowUserSvc3395a
# Disables Capture service for screen scaping access from microsoft
sc config "CaptureService
3395a" start=disabled
sc stop CaptureService3395a
# disables Onedrive sync service
sc config "OneSyncSvc
3395a" start=disabled
sc stop OneSyncSvc_3395a
# disables Touch screen settings
sc config "TextInputManagementService" start=disabled
sc stop TextInputManagementService

NOTE: Certain Services with wildcards will need the second part of this script to be disabled.

24H2 Service Wildcard Disable

Run the following as a PS1 file as admin

get-service onesyncsvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service CaptureService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service DevicesFlowUserSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service CredentialEnrollmentManagerUserSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service DevicePickerUserSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service BcastDVRUserService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service DeviceAssociationBrokerSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service MessagingService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service P9RdrService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service PenService* | Stop-Service -Force | Set-Service -StartupType Disabled

REBOOT WHEN COMPLETED

GROUP POLICY CONFIGURATIONS

WILL BE RELEASED IN PART 2 OF TALON SCRIPT VIDEO

How to use your Mint System as a daily Driver office computer

Software Found in this video is located in Linux-Software Link

Step 1: Install all the updates and reboot

sudo apt update
sudo apt upgrade -y

Step 2: Download and install the Software shown in video

Step 3: Install the Mail Client Evolution

sudo apt install evolution
sudo apt install evolution-ews
sudo apt install update
sudo reboot now

How to configure O365 on Evolution Mail

Cross Over - Running EXE's on Linux Debian Based Systems

Coming 3/4/25

Bazzite - The knock-off SteamOS Gaming Platform for Amazon Handhelds

Coming 3/6/25

Garuda OS - The Arch Flavored Linux Gaming Platform

Coming 3/11/25

How to use Remote Desktop on Ubuntu and Mint?

Coming 3/18/25

Commands to Install Xrdp on Mint

sudo apt update
sudo apt upgrade -y
sudo apt install xrdp
sudo systemctl enable xrdp
sudo ufw allow 3389
sudo reboot now

How to Install a Free WIFI Heat Mapper on Ubuntu

Coming 3/25/25

Scripts to install Heatmapper

BASH SCRIPT NUMBER 1

#!/bin/sh
# Welcome to Part 1 of the GenericTechSupport Youtube Channel Script for setting up a heat mapper on Linux Mint Version 24.
sudo apt update
sudo apt upgrade -y
sudo swapoff -a
sudo fallocate -l 8G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo reboot now
#

BASH SCRIPT NUMBER 2

#!/bin/sh
# Welcome to Part 2 of the GenericTechSupport Youtube Channel Script for setting up a heat mapper on UBUNTU Version 24.
sudo apt install net-tools -y
sudo apt install python3-tk -y
sudo apt install python3-pip -y
sudo apt install python3-pil -y
sudo apt install speedtest-cli -y
sudo apt install python3-pil python3-pil.imagetk -y
sudo apt install iw -y
sudo apt install curl -y
sudo snap install tqdm
sudo snap install wireless-tools
sudo snap install speedtest
sudo reboot now
#

BASH SCRIPT NUMBER 3

#!/bin/sh
# Welcome to Part 3 of the GenericTechSupport Youtube Channel Script for setting up a heat mapper on UBUNTU Version 24.
sudo pip3 install numpy --break-system-packages
sudo pip3 install matplotlib --break-system-packages
sudo pip3 install whm --break-system-packages
sudo pip3 install scipy --break-system-packages
sudo pip3 install pysimpleGUI --break-system-packages
sudo pip3 install speedtest_cli --break-system-packages
sudo dpkg -s wireless-tools
curl -s https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.deb.sh | sudo bash
sudo python3 -m pip install --force-reinstall --extra-index-url https://PySimpleGUI.net/install PySimpleGUI --break-system-packages
#

COMMON ERRORS

In some cases you may seePySimpleGUI is now located on a private PyPI server. Please add to your pip command: -i https://PySimpleGUI.net/installThe version you just installed should uninstalled:
python -m pip uninstall PySimpleGUI
python -m pip cache purge
Then install the latest from the private server:
python -m pip install --upgrade --extra-index-url https://PySimpleGUI.net/install PySimpleGUI
You can also force a reinstall using this command and it'll install the latest regardless of what you have installed currently
python -m pip install --force-reinstall --extra-index-url https://PySimpleGUI.net/install PySimpleGUI
Use python3 command if you're running on the Mac or Linux
Traceback (most recent call last):
File "/usr/local/bin/whm", line 5, in <module>
from wifiheatmapper.main import driver
File "/usr/local/lib/python3.12/dist-packages/wifiheatmapper/main.py", line 3, in <module>
from wifiheatmapper.gui import startgui
File "/usr/local/lib/python3.12/dist-packages/wifi
heatmapper/gui.py", line 5, in <module>
from wifi
heatmapper.graph import generategraph
File "/usr/local/lib/python3.12/dist-packages/wifiheatmapper/graph.py", line 5, in <module>
import matplotlib.pyplot as plt
ModuleNotFoundError: No module named 'matplotlib'

HOW TO FIX

Here's the commands to repair this:sudo python3 -m pip install --force-reinstall --extra-index-url https://PySimpleGUI.net/install PySimpleGUI --break-system-packages

HOW TO RUN IT

Here's the commands to run this:whm bootstrap --config NameTheNetworkYouAreTesting.json

Accept the 30 Day Trial:
NOTE: You can get a free license as a hobbyist, but if this is for commercial work, please pay the 99.99 fee.

Run this command again:whm bootstrap --config NameTheNetworkYouAreTesting.json

IF YOU GET THIS ERROR

Found existing installation: kiwisolver 0.0.0
ERROR: Cannot uninstall kiwisolver 0.0.0, RECORD file not found. Hint: The package was installed by debian.
TYPE THIS AS YOUR FIXpip3 install kiwisolver --force-reinstall --break-system-packagesNOTE: THIS ERROR IS DUE TO FAULTY WIFI NIC DRIVERS, IF YOU SEE THIS, THIS WILL NOT WORK CORRECTLY

FINALLY Run this command again:whm bootstrap --config NameTheNetworkYouAreTesting.json

YOU WILL GET THIS OUTPUT

OPEN ANOTHER TERMINAL

INTERFACE NAME

The interface name is the name listed to the left, you will need to grab that name, and enter it (Case Sensitive) into the other box, that interface should be your Wifi-Interface and press Enter.

Command: ifconfig

When prompted, click on Y for Yes to confirm the Adapter

When prompted, Enter No More than 2 for the number of passes.

Enter ALL When Prompted

Now create a rough diagram of the home, or office, and save it as a JPG file, I used PAINT on windows to do this, and it worked fine

Command to HeatMap

whm benchmark -m LivesInBox.jpg -c /home/user/home.json

SPECIAL NOTE

All videos are shot with VmWare Workstation Paid, however.. The Heat Mapper will only work on VirtualBox, Using VMware will cause you to use the Open-Vm Drivers for Ubuntu, which DO NOT WORK for heat mapping. If you need to run this virtual on a windows box, it will work, but you MUST use virtual box.