
The Generic Tech Support Youtube Channel
Welcome to The GenericTechSupport YouTube Channel.This website is dedicated to delivering valuable insights, strategies, and updates tailored to technical support professionals, business managers, and small business owners.Our focus is on providing practical, actionable information that enhances your understanding of technology and its application in today’s business landscape.Our goal is to maintain transparency while offering expert guidance for those looking to navigate the complexities of technology.Please subscribe on our Youtube Channel for weekly updates.Or feel free to reach out with any inquiries, collaboration opportunities, or if you’re in need of a reliable IT managed service provider.

Do you have an internal IT department but require the expertise of a senior engineer on a temporary basis?
One of the most significant challenges in IT is sourcing qualified engineering talent to address technical gaps as they arise.In many cases, it is unnecessary to hire a senior-level engineer for a full-time role when their expertise is only needed for advanced issues or temporary situations.Let GenericTechSupport provide the skilled support you need to fill that gap efficiently and cost-effectively.

Do you need internal IT?
Determining whether you need an internal IT department for your business depends on several factors, including the size of your business, the complexity of your technology needs, and your long-term goals. Here are a few considerations:1. Business Size and Growth: Small businesses with minimal IT infrastructure usually do not require a dedicated internal team, as outsourcing IT services can be more cost-effective.2. Technology Complexity: If your business does not rely heavily on complex systems, software, or data security, having an outsourced IT department can provide quick, tailored solutions for all businesses with simpler needs.3. Cost Efficiency: Internal IT departments come with overhead costs such as salaries, health insurance, training, and infrastructure. If your needs are more intermittent or specialized, outsourcing to GenericTechSupport may offer a more cost-effective solution without the burden of full-time staff.
Most outsourced IT will provide remote support at a fraction of the cost.4. Support Availability: Having an outsourced IT department allows for immediate emergency support. If your business operates in multiple locations or requires 24/7 support, an external remote team might be more suitable.
Ultimately, whether you need an internal IT department depends on your business’s specific needs and resources. GenericTechSupport can help you navigate a hybrid approach—keeping internal staff for day-to-day tasks while outsourcing specialized or high-level support as needed or a full remote approach
—going 100% outsourced.Please contact us for help!

Welcome to the GenericTechSupport Youtube Channel
ISO LINKS
Freeware Links
Channel Wiki Links
Video Links By Release Date
Bonus Content
In House Custom Project Specials
Latest Update: 4/1/25

Welcome To Granite XP ALPHA
PROJECT SCOPE
The Granite XP Project is nothing more than a central repository for all security settings for XP to attempt to make XP as secure or more secure than Windows 11 with NIST based Policy Assigned.
This project started as a proof of concept Video. But slowly as I realized that people actually needed the updates and the configurations to build gaming rigs, or to use as a hobby system, the idea was planted to make an XP system that could "in theory" not only match security configuration set by Microsoft on Windows 10, but to exceed the security requirements based on NIST 800-171 2024 Standards.
This Page will Document the process, what the hold-up's have been and when the Granite Package will finally be released to the public.
Set Backs
I Got A Rock: One (Main Hold-Up)
Big Impact: unfortunately it appears that Microsoft has revoked the Certificate on Windows XP that is required for XP to trust it's own updates, this as a result has caused the update application Process to fail, and throw an error that the NESSUS Scan picks up as Ransomware, even though it's not.
I Got A Rock: Two (Secondary Hold-UP)
Big Impact: Since Microsoft Killed the Certificate trust, the 2019 Domain Controller that created the Trusted Updates and the NIST Policy used a self Signed Cert, Since the Domain Is Dead, and the Servers are long Gone I need to figure out how to fix the Certificate and HASH values on the Updates so that windows XP will update them and not false report Ransomware to Windows AV Applications.
BIG WINS
Windows Updates (LIST)
Coming SOON!
The Granite XP Package Includes over 1000 Windows updates for Windows XP From All versions in One easy to install Package
BIG WINS
Enabling POS For Later Update Support
[HKEYLOCALMACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
Setting the SecEdit DB Location For Security
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit]
"LastUsedDatabase"="C:\WINDOWS\security\database\KB968930.sdb"
"TemplateUsed"="C:\WINDOWS\SECD5.tmp"
"EnvironmentVariables"=hex(7):25,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,\
25,00,00,00,25,00,55,00,73,00,65,00,72,00,50,00,72,00,6f,00,66,00,69,00,6c,\
00,65,00,25,00,00,00,25,00,41,00,6c,00,6c,00,55,00,73,00,65,00,72,00,73,00,\
50,00,72,00,6f,00,66,00,69,00,6c,00,65,00,25,00,00,00,25,00,50,00,72,00,6f,\
00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,00,65,00,73,00,25,00,00,00,25,00,\
53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,00,00,25,\
00,53,00,79,00,73,00,74,00,65,00,6d,00,44,00,72,00,69,00,76,00,65,00,25,00,\
00,00,25,00,54,00,65,00,6d,00,70,00,25,00,00,00,25,00,54,00,6d,00,70,00,25,\
00,00,00
"SetupCompDebugLevel"=dword:00000001
"DefaultTemplate"="C:\WINDOWS\inf\secrecs.inf"
"LastWinLogonConfig"=dword:5344fd3d
Setting Variables for Driver Signing
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Driver Signing/Policy]
"ValueType"=dword:00000003
"DisplayType"=dword:00000003
"DisplayName"="Devices: Unsigned driver installation behavior"
"DisplayChoices"=hex(7):30,00,7c,00,53,00,69,00,6c,00,65,00,6e,00,74,00,6c,00,\
79,00,20,00,73,00,75,00,63,00,63,00,65,00,65,00,64,00,20,00,00,00,31,00,7c,\
00,57,00,61,00,72,00,6e,00,20,00,62,00,75,00,74,00,20,00,61,00,6c,00,6c,00,\
6f,00,77,00,20,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,61,00,74,00,69,\
00,6f,00,6e,00,00,00,32,00,7c,00,44,00,6f,00,20,00,6e,00,6f,00,74,00,20,00,\
61,00,6c,00,6c,00,6f,00,77,00,20,00,69,00,6e,00,73,00,74,00,61,00,6c,00,6c,\
00,61,00,74,00,69,00,6f,00,6e,00,00,00,00,00
Disables Automatic Recovery
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Setup/RecoveryConsole/SecurityLevel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Recovery console: Allow automatic administrative logon"
Disable Floppy Access to Drivers
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Setup/RecoveryConsole/SetCommand]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Recovery console: Allow floppy copy and access to all drives and all folders"
Restrict CD Access to Local Users Only
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/AllocateCDRoms]
"ValueType"=dword:00000001
"DisplayType"=dword:00000000
"DisplayName"="Devices: Restrict CD-ROM access to locally logged-on user only"
Define Only Admin Access to Eject Hardware
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/AllocateDASD]
"ValueType"=dword:00000001
"DisplayType"=dword:00000003
"DisplayName"="Devices: Allowed to format and eject removable media"
"DisplayChoices"=hex(7):30,00,7c,00,41,00,64,00,6d,00,69,00,6e,00,69,00,73,00,\
74,00,72,00,61,00,74,00,6f,00,72,00,73,00,00,00,31,00,7c,00,41,00,64,00,6d,\
00,69,00,6e,00,69,00,73,00,74,00,72,00,61,00,74,00,6f,00,72,00,73,00,20,00,\
61,00,6e,00,64,00,20,00,50,00,6f,00,77,00,65,00,72,00,20,00,55,00,73,00,65,\
00,72,00,73,00,00,00,32,00,7c,00,41,00,64,00,6d,00,69,00,6e,00,69,00,73,00,\
74,00,72,00,61,00,74,00,6f,00,72,00,73,00,20,00,61,00,6e,00,64,00,20,00,49,\
00,6e,00,74,00,65,00,72,00,61,00,63,00,74,00,69,00,76,00,65,00,20,00,55,00,\
73,00,65,00,72,00,73,00,00,00,00,00
Local Admin Access Floppy Only
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/AllocateFloppies]
"ValueType"=dword:00000001
"DisplayType"=dword:00000000
"DisplayName"="Devices: Restrict floppy access to locally logged-on user only"
Cached Logons
SPECIAL NOTE: Since we don't have an active Domain Controller, Logons are not set to Cached, and not set to require a DC to work, as such this setting is an accepted Risk in workgroup Mode.
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/CachedLogonsCount]
"ValueType"=dword:00000001
"DisplayType"=dword:00000001
"DisplayName"="Interactive logon: Number of previous logons to cache (in case domain controller is not available)"
"DisplayUnit"="logons"
Cached Computer Accounts
SPECIAL NOTE: Since we don't have an active Domain Controller, Logons are not set to Cached, and not set to require a DC to work, as such this setting is an accepted Risk in workgroup Mode.
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/ForceUnlockLogon]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Require Domain Controller authentication to unlock workstation"
Prompt Users to Change Passwords 4-Days In Advance
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/PasswordExpiryWarning]
"ValueType"=dword:00000004
"DisplayType"=dword:00000001
"DisplayName"="Interactive logon: Prompt user to change password before expiration"
"DisplayUnit"="days
Disable Smart Card Access
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/ScRemoveOption]
"ValueType"=dword:00000001
"DisplayType"=dword:00000003
"DisplayName"="Interactive logon: Smart card removal behavior"
"DisplayChoices"=hex(7):30,00,7c,00,4e,00,6f,00,20,00,41,00,63,00,74,00,69,00,\
6f,00,6e,00,00,00,31,00,7c,00,4c,00,6f,00,63,00,6b,00,20,00,57,00,6f,00,72,\
00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,32,00,7c,00,46,00,\
6f,00,72,00,63,00,65,00,20,00,4c,00,6f,00,67,00,6f,00,66,00,66,00,00,00,00,\
00
Require Control+Alt+Del to Logon
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DisableCAD]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Do not require CTRL+ALT+DEL"
Disable Display Last User Logon
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLastUserName]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Do not display last user name"
Do Not Display Locked User Account Name
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Interactive logon: Display user information when the session is locked"
"DisplayChoices"=hex(7):31,00,7c,00,55,00,73,00,65,00,72,00,20,00,64,00,69,00,\
73,00,70,00,6c,00,61,00,79,00,20,00,6e,00,61,00,6d,00,65,00,2c,00,20,00,64,\
00,6f,00,6d,00,61,00,69,00,6e,00,20,00,61,00,6e,00,64,00,20,00,75,00,73,00,\
65,00,72,00,20,00,6e,00,61,00,6d,00,65,00,73,00,00,00,32,00,7c,00,55,00,73,\
00,65,00,72,00,20,00,64,00,69,00,73,00,70,00,6c,00,61,00,79,00,20,00,6e,00,\
61,00,6d,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,00,00,33,00,7c,00,44,00,6f,\
00,20,00,6e,00,6f,00,74,00,20,00,64,00,69,00,73,00,70,00,6c,00,61,00,79,00,\
20,00,75,00,73,00,65,00,72,00,20,00,69,00,6e,00,66,00,6f,00,72,00,6d,00,61,\
00,74,00,69,00,6f,00,6e,00,00,00,00,00
Display Banner for Logon
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/LegalNoticeCaption]
"ValueType"=dword:00000001
"DisplayType"=dword:00000002
"DisplayName"="Interactive logon: Message title for users attempting to log on"
Use Message Text for Logging on Users
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/LegalNoticeText]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Interactive logon: Message text for users attempting to log on"
Disable CAC Card Requirement
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/ScForceOption]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Interactive logon: Require smart card"
Disable Shutdown without Logon
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/ShutdownWithoutLogon]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Shutdown: Allow system to be shut down without having to log on"
Disable Undock without logon
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/UndockWithoutLogon]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Devices: Allow undock without having to log on"
Define Access to DCOM Users and Admins
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/SOFTWARE/policies/Microsoft/windows NT/DCOM/MachineAccessRestriction]
"ValueType"=dword:00000001
"DisplayType"=dword:00000002
"DisplayName"="DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax"
System Audit Event Configuration
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/AuditBaseObjects]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Audit: Audit the access of global system objects"
Shutdown System Immediately if Audit is disabled
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/CrashOnAuditFail]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Audit: Shut down system immediately if unable to log security audits"
Disable Domain Stored Credentials
SPECIAL NOTE: Since we don't have an active Domain Controller, Logons are set to disabled in Domain Passport Options, This would be enabled and Encrypted in a DC controlled system on Windows 10/11
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/DisableDomainCreds]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network access: Do not allow storage of credentials or .NET Passports for network authentication"
Disable Allow Everyone Access to Shares
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/EveryoneIncludesAnonymous]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network access: Let Everyone permissions apply to anonymous users"
Force FIPS 140-3 Encryption
SPECIAL NOTE: This was never an option in XP, and requries the Updates in the Configuration to work correctly. Failure to run updates will fail to secure this configuration.
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/FIPSAlgorithmPolicy]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing"
Disable Windows Guest Access
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/ForceGuest]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Network access: Sharing and security model for local accounts"
"DisplayChoices"=hex(7):30,00,7c,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,\
20,00,2d,00,20,00,6c,00,6f,00,63,00,61,00,6c,00,20,00,75,00,73,00,65,00,72,\
00,73,00,20,00,61,00,75,00,74,00,68,00,65,00,6e,00,74,00,69,00,63,00,61,00,\
74,00,65,00,20,00,61,00,73,00,20,00,74,00,68,00,65,00,6d,00,73,00,65,00,6c,\
00,76,00,65,00,73,00,00,00,31,00,7c,00,47,00,75,00,65,00,73,00,74,00,20,00,\
6f,00,6e,00,6c,00,79,00,20,00,2d,00,20,00,6c,00,6f,00,63,00,61,00,6c,00,20,\
00,75,00,73,00,65,00,72,00,73,00,20,00,61,00,75,00,74,00,68,00,65,00,6e,00,\
74,00,69,00,63,00,61,00,74,00,65,00,20,00,61,00,73,00,20,00,47,00,75,00,65,\
00,73,00,74,00,00,00,00,00
Audit All Access to Shadow Copy Services
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/FullPrivilegeAuditing]
"ValueType"=dword:00000003
"DisplayType"=dword:00000000
"DisplayName"="Audit: Audit the use of Backup and Restore privilege"
Disable Blank Password Access
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/LimitBlankPasswordUse]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Accounts: Limit local account use of blank passwords to console logon only"
Set LANMAN Encryption Level to Windows 10
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/LmCompatibilityLevel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Network security: LAN Manager authentication level"
"DisplayChoices"=hex(7):30,00,7c,00,53,00,65,00,6e,00,64,00,20,00,4c,00,4d,00,\
20,00,26,00,20,00,4e,00,54,00,4c,00,4d,00,20,00,72,00,65,00,73,00,70,00,6f,\
00,6e,00,73,00,65,00,73,00,00,00,31,00,7c,00,53,00,65,00,6e,00,64,00,20,00,\
4c,00,4d,00,20,00,26,00,20,00,4e,00,54,00,4c,00,4d,00,20,00,2d,00,20,00,75,\
00,73,00,65,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,00,20,00,73,00,65,00,\
73,00,73,00,69,00,6f,00,6e,00,20,00,73,00,65,00,63,00,75,00,72,00,69,00,74,\
00,79,00,20,00,69,00,66,00,20,00,6e,00,65,00,67,00,6f,00,74,00,69,00,61,00,\
74,00,65,00,64,00,00,00,32,00,7c,00,53,00,65,00,6e,00,64,00,20,00,4e,00,54,\
00,4c,00,4d,00,20,00,72,00,65,00,73,00,70,00,6f,00,6e,00,73,00,65,00,20,00,\
6f,00,6e,00,6c,00,79,00,00,00,33,00,7c,00,53,00,65,00,6e,00,64,00,20,00,4e,\
00,54,00,4c,00,4d,00,76,00,32,00,20,00,72,00,65,00,73,00,70,00,6f,00,6e,00,\
73,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,00,00,34,00,7c,00,53,00,65,00,6e,\
00,64,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,00,20,00,72,00,65,00,73,00,\
70,00,6f,00,6e,00,73,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,5c,00,72,00,65,\
00,66,00,75,00,73,00,65,00,20,00,4c,00,4d,00,00,00,35,00,7c,00,53,00,65,00,\
6e,00,64,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,00,20,00,72,00,65,00,73,\
00,70,00,6f,00,6e,00,73,00,65,00,20,00,6f,00,6e,00,6c,00,79,00,5c,00,72,00,\
65,00,66,00,75,00,73,00,65,00,20,00,4c,00,4d,00,20,00,26,00,20,00,4e,00,54,\
00,4c,00,4d,00,00,00,00,00
Set NTLM Security SSP Session
SPECIAL NOTE: Unfortunately this Key is Revoked by Microsoft As it was built under Windows 2019 Server. This is noted in the section above as a big issue, Uncertain if this will cause any other issues in the future.
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/MSV1_0/NTLMMinClientSec]
"ValueType"=dword:00000004
"DisplayType"=dword:00000005
"DisplayName"="Network security: Minimum session security for NTLM SSP based (including secure RPC) clients"
"DisplayFlags"=hex(7):31,00,36,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,\
00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,20,00,69,00,6e,00,74,00,\
65,00,67,00,72,00,69,00,74,00,79,00,00,00,33,00,32,00,7c,00,52,00,65,00,71,\
00,75,00,69,00,72,00,65,00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,\
20,00,63,00,6f,00,6e,00,66,00,69,00,64,00,65,00,6e,00,74,00,69,00,61,00,6c,\
00,69,00,74,00,79,00,00,00,35,00,32,00,34,00,32,00,38,00,38,00,7c,00,52,00,\
65,00,71,00,75,00,69,00,72,00,65,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,\
00,20,00,73,00,65,00,73,00,73,00,69,00,6f,00,6e,00,20,00,73,00,65,00,63,00,\
75,00,72,00,69,00,74,00,79,00,00,00,35,00,33,00,36,00,38,00,37,00,30,00,39,\
00,31,00,32,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,00,20,00,31,00,\
32,00,38,00,2d,00,62,00,69,00,74,00,20,00,65,00,6e,00,63,00,72,00,79,00,70,\
00,74,00,69,00,6f,00,6e,00,00,00,00,00
Set NTLM Security SSP Session Minimum
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/MSV1_0/NTLMMinServerSec]
"ValueType"=dword:00000004
"DisplayType"=dword:00000005
"DisplayName"="Network security: Minimum session security for NTLM SSP based (including secure RPC) servers"
"DisplayFlags"=hex(7):31,00,36,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,\
00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,20,00,69,00,6e,00,74,00,\
65,00,67,00,72,00,69,00,74,00,79,00,00,00,33,00,32,00,7c,00,52,00,65,00,71,\
00,75,00,69,00,72,00,65,00,20,00,6d,00,65,00,73,00,73,00,61,00,67,00,65,00,\
20,00,63,00,6f,00,6e,00,66,00,69,00,64,00,65,00,6e,00,74,00,69,00,61,00,6c,\
00,69,00,74,00,79,00,00,00,35,00,32,00,34,00,32,00,38,00,38,00,7c,00,52,00,\
65,00,71,00,75,00,69,00,72,00,65,00,20,00,4e,00,54,00,4c,00,4d,00,76,00,32,\
00,20,00,73,00,65,00,73,00,73,00,69,00,6f,00,6e,00,20,00,73,00,65,00,63,00,\
75,00,72,00,69,00,74,00,79,00,00,00,35,00,33,00,36,00,38,00,37,00,30,00,39,\
00,31,00,32,00,7c,00,52,00,65,00,71,00,75,00,69,00,72,00,65,00,20,00,31,00,\
32,00,38,00,2d,00,62,00,69,00,74,00,20,00,65,00,6e,00,63,00,72,00,79,00,70,\
00,74,00,69,00,6f,00,6e,00,00,00,00,00
Set Default System Owner to Administrators Accounts
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/NoDefaultAdminOwner]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="System objects: Default owner for objects created by members of the Administrators group"
"DisplayChoices"=hex(7):30,00,7c,00,41,00,64,00,6d,00,69,00,6e,00,69,00,73,00,\
74,00,72,00,61,00,74,00,6f,00,72,00,73,00,20,00,67,00,72,00,6f,00,75,00,70,\
00,00,00,31,00,7c,00,4f,00,62,00,6a,00,65,00,63,00,74,00,20,00,63,00,72,00,\
65,00,61,00,74,00,6f,00,72,00,00,00,00,00
Do not store UnEncrypted Passwords in Password Manager
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/NoLMHash]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network security: Do not store LAN Manager hash value on next password change"
Do not allow Anonymous enumeration of SAM Accounts and Shares
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/RestrictAnonymous]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Network access: Do not allow anonymous enumeration of SAM accounts and shares"
Allow Server Operators to Modify Scheduled Tasks
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Lsa/SubmitControl]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain controller: Allow server operators to schedule tasks"
Allow Authenticated Users to Install Print Drivers (Print Nightmare Fix)
SPECIAL NOTE: While this fix may work on 10/11 It likely will not work on XP, but is required for the NESSUS Scanner
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Print/Providers/LanMan Print Services/Servers/AddPrinterDrivers]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Devices: Prevent users from installing printer drivers"
Secure and Encrypt System Shares
SPECIAL NOTE: WARNING!!! IF this System was added back to a domain, you need the STIG Fix for Hardened Security Path to access Domain Shares after this fix.
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/SecurePipeServers/Winreg/AllowedPaths/Machine]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Network access: Remotely accessible registry paths"
Forces Case Sensitive Access when Integrating UNIX/LINUX systems
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Session Manager/Kernel/ObCaseInsensitive]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="System objects: Require case insensitivity for non-Windows subsystems"
Do Not Clear System Page File on Boot
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Session Manager/Memory Management/ClearPageFileAtShutdown]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Shutdown: Clear virtual memory pagefile"
Force AES 265 Encryption on System Internal Objects
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Control/Session Manager/ProtectionMode]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)"
Set Idle Lockout Time
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/AutoDisconnect]
"ValueType"=dword:00000004
"DisplayType"=dword:00000001
"DisplayName"="Microsoft network server: Amount of idle time required before suspending session"
"DisplayUnit"="minutes"
Set User Idle timeout action
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/EnableForcedLogOff]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network server: Disconnect clients when logon hours expire"
Force Digital Signature on Communication
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/EnableSecuritySignature]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network server: Digitally sign communications (if client agrees)"
Disable Anonymous Network Access
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/NullSessionPipes]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Network access: Named Pipes that can be accessed anonymously"
Disable Anonymous Share Access
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/NullSessionShares]
"ValueType"=dword:00000007
"DisplayType"=dword:00000004
"DisplayName"="Network access: Shares that can be accessed anonymously"
Only Allow Signed Share Access
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanManServer/Parameters/RequireSecuritySignature]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network server: Digitally sign communications (always)"
Do Not Allow UnEncrypted Passwords on the network
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/EnablePlainTextPassword]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network client: Send unencrypted password to third-party SMB servers"
Do Not Allow Client to Disable Encrypted Communication
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LanmanWorkstation/Parameters/EnableSecuritySignature]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Microsoft network client: Digitally sign communications (if server agrees)"
Require All LDAP Communication be Encrypted
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/LDAP/LDAPClientIntegrity]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Network security: LDAP client signing requirements"
"DisplayChoices"=hex(7):30,00,7c,00,4e,00,6f,00,6e,00,65,00,00,00,31,00,7c,00,\
4e,00,65,00,67,00,6f,00,74,00,69,00,61,00,74,00,65,00,20,00,73,00,69,00,67,\
00,6e,00,69,00,6e,00,67,00,00,00,32,00,7c,00,52,00,65,00,71,00,75,00,69,00,\
72,00,65,00,20,00,73,00,69,00,67,00,6e,00,69,00,6e,00,67,00,00,00,00,00
Require Passwords be 8 Characters Minimum and meet Compliance Standards of NIST
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/DisablePasswordChange]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Disable machine account password changes"[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/MaximumPasswordAge]
"ValueType"=dword:00000004
"DisplayType"=dword:00000001
"DisplayName"="Domain member: Maximum machine account password age"
"DisplayUnit"="days"[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RefusePasswordChange]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain controller: Refuse machine account password changes"[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RequireSignOrSeal]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Digitally encrypt or sign secure channel data (always)"[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/RequireStrongKey]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Require strong (Windows 2000 or later) session key"
Force Secure Signing of Channel Data Required
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/SealSecureChannel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Digitally encrypt secure channel data (when possible)"[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/SignSecureChannel]
"ValueType"=dword:00000004
"DisplayType"=dword:00000000
"DisplayName"="Domain member: Digitally sign secure channel data (when possible)"[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/NTDS/Parameters/LDAPServerIntegrity]
"ValueType"=dword:00000004
"DisplayType"=dword:00000003
"DisplayName"="Domain controller: LDAP server signing requirements"
"DisplayChoices"=hex(7):31,00,7c,00,4e,00,6f,00,6e,00,65,00,00,00,32,00,7c,00,\
52,00,65,00,71,00,75,00,69,00,72,00,65,00,20,00,73,00,69,00,67,00,6e,00,69,\
00,6e,00,67,00,00,00,00,00
Force Google Chrome TLS 1.2 SSL 3.0
SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF CHROME, THIS REQUIRES ADDITIONAL SOFTWARE
[HKEYLOCALMACHINE\SOFTWARE\Policies\Google\Chrome]
"RemoteAccessHostFirewallTraversal"=dword:00000000
"DefaultPopupsSetting"=dword:00000002
"DefaultGeolocationSetting"=dword:00000002
"DefaultSearchProviderName"="Google Encrypted"
"DefaultSearchProviderEnabled"=dword:00000001
"PasswordManagerEnabled"=dword:00000000
"BackgroundModeEnabled"=dword:00000000
"SyncDisabled"=dword:00000001
"CloudPrintProxyEnabled"=dword:00000000
"MetricsReportingEnabled"=dword:00000000
"SearchSuggestEnabled"=dword:00000000
"ImportSavedPasswords"=dword:00000000
"IncognitoModeAvailability"=dword:00000001
"SavingBrowserHistoryDisabled"=dword:00000000
"AllowDeletingBrowserHistory"=dword:00000000
"PromptForDownloadLocation"=dword:00000001
"AutoplayAllowed"=dword:00000000
"SafeBrowsingExtendedReportingEnabled"=dword:00000000
"DefaultWebUsbGuardSetting"=dword:00000002
"ChromeCleanupEnabled"=dword:00000000
"ChromeCleanupReportingEnabled"=dword:00000000
"EnableMediaRouter"=dword:00000000
"UrlKeyedAnonymizedDataCollectionEnabled"=dword:00000000
"WebRtcEventLogCollectionAllowed"=dword:00000000
"NetworkPredictionOptions"=dword:00000002
"DeveloperToolsAvailability"=dword:00000002
"BrowserGuestModeEnabled"=dword:00000000
"AutofillCreditCardEnabled"=dword:00000000
"AutofillAddressEnabled"=dword:00000000
"ImportAutofillFormData"=dword:00000000
"SafeBrowsingProtectionLevel"=dword:00000001
"DefaultSearchProviderSearchURL"="https://www.google.com/search?q={searchTerms}"
"DownloadRestrictions"=dword:00000001
"DefaultWebBluetoothGuardSetting"=dword:00000002
"QuicAllowed"=dword:00000000
"EnableOnlineRevocationChecks"=dword:00000001
"SSLVersionMin"="tls1.2"
Windows 10 IE Standards
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel]
"History"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Download]
"RunInvalidSignatures"=dword:00000000
"CheckExeSignatures"="yes"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds]
"DisableEnclosureDownload"=dword:00000001
"AllowBasicAuthInClear"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\IEDevTools]
"Disabled"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main]
"NotifyDisableIEOptions"=dword:00000000
"DisableEPMCompat"=dword:00000001
"Isolation64Bit"=dword:00000001
"Isolation"="PMEM"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREDISABLEMKPROTOCOL]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREMIMEHANDLING]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREMIMESNIFFING]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURERESTRICTACTIVEXINSTALL]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURERESTRICTFILEDOWNLOAD]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURESECURITYBAND]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREWINDOWRESTRICTIONS]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATUREZONEELEVATION]
"(Reserved)"="1"
"explorer.exe"="1"
"iexplore.exe"="1"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter]
"PreventOverride"=dword:00000001
"PreventOverrideAppRepUnknown"=dword:00000001
"EnabledV9"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Privacy]
"ClearBrowsingHistoryOnExit"=dword:00000000
"CleanHistory"=dword:00000000
"EnableInPrivateBrowsing"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions]
"NoCrashDetection"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security]
"DisableSecuritySettingsCheck"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security\ActiveX]
"BlockNonAdminActiveXInstall"=dword:00000001
Windows 10 MS EDGE Standards
SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF EDGE.
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Internet Settings]
"PreventCertErrorOverrides"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main]
"FormSuggest Passwords"="no"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter]
"PreventOverrideAppRepUnknown"=dword:00000001
Set Hardware Sleep Timers
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Power][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Power\PowerSettings][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51]
"DCSettingIndex"=dword:00000001
"ACSettingIndex"=dword:00000001
Set Internet Options and Internet Settings
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"Securityzonesmapedit"=dword:00000001
"Securityoptionsedit"=dword:00000001
"SecurityHKLMonly"=dword:00000001
"PreventIgnoreCertErrors"=dword:00000001
"CertificateRevocation"=dword:00000001
"WarnOnBadCertRecving"=dword:00000001
"EnableSSL3Fallback"=dword:00000000
"SecureProtocols"=dword:00000800[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\0]
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\1]
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\2]
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LockdownZones\4]
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url History]
"DaysToKeep"=dword:00000028[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"UNCAsIntranet"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"270C"=dword:00000000
"1C00"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
"270C"=dword:00000000
"1201"=dword:00000003
"1C00"=dword:00010000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"270C"=dword:00000000
"1201"=dword:00000003
"1C00"=dword:00010000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1406"=dword:00000003
"1407"=dword:00000003
"1802"=dword:00000003
"2402"=dword:00000003
"120b"=dword:00000003
"120c"=dword:00000003
"1206"=dword:00000003
"2102"=dword:00000003
"1209"=dword:00000003
"2103"=dword:00000003
"2200"=dword:00000003
"270C"=dword:00000000
"1001"=dword:00000003
"1004"=dword:00000003
"2709"=dword:00000003
"2708"=dword:00000003
"160A"=dword:00000003
"1201"=dword:00000003
"1C00"=dword:00000000
"1804"=dword:00000003
"1A00"=dword:00010000
"1607"=dword:00000003
"2004"=dword:00000003
"2001"=dword:00000003
"1806"=dword:00000001
"1409"=dword:00000000
"2500"=dword:00000000
"2301"=dword:00000000
"1809"=dword:00000000
"1606"=dword:00000003
"2101"=dword:00000003
"140C"=dword:00000003[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4]
"1406"=dword:00000003
"1400"=dword:00000003
"2000"=dword:00000003
"1407"=dword:00000003
"1802"=dword:00000003
"1803"=dword:00000003
"2402"=dword:00000003
"1608"=dword:00000003
"120b"=dword:00000003
"120c"=dword:00000003
"1206"=dword:00000003
"2102"=dword:00000003
"1209"=dword:00000003
"2103"=dword:00000003
"2200"=dword:00000003
"270C"=dword:00000000
"1001"=dword:00000003
"1004"=dword:00000003
"2709"=dword:00000003
"2708"=dword:00000003
"160A"=dword:00000003
"1201"=dword:00000003
"1C00"=dword:00000000
"1804"=dword:00000003
"1A00"=dword:00030000
"1607"=dword:00000003
"2004"=dword:00000003
"1200"=dword:00000003
"1405"=dword:00000003
"1402"=dword:00000003
"1806"=dword:00000003
"1409"=dword:00000000
"2500"=dword:00000000
"2301"=dword:00000000
"1809"=dword:00000000
"1606"=dword:00000003
"2101"=dword:00000003
"2001"=dword:00000003
"140C"=dword:00000003
Set Windows 10 IPSec Security policy Variables
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{72385235-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecFilter"
"description"="Matches all ICMP packets between this computer and any other computer."
"name"="ipsecFilter{72385235-70fa-11d1-864c-14a300000000}"
"ipsecName"="All ICMP Traffic"
"ipsecID"="{72385235-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b5,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,52,00,00,00,01,\
00,00,00,02,00,00,00,00,00,02,00,00,00,00,00,0a,00,00,00,49,00,43,00,4d,00,\
50,00,00,00,e0,0e,bc,51,00,8b,06,46,8f,03,6d,3b,4c,45,5e,ff,01,00,00,00,00,\
00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,\
00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,4e,00,46,00,41,00,7b,00,39,00,37,00,39,00,62,00,39,00,61,00,39,\
00,34,00,2d,00,31,00,37,00,62,00,62,00,2d,00,34,00,31,00,34,00,39,00,2d,00,\
61,00,64,00,36,00,62,00,2d,00,64,00,38,00,64,00,34,00,64,00,31,00,32,00,62,\
00,33,00,64,00,66,00,61,00,7d,00,00,00,53,00,4f,00,46,00,54,00,57,00,41,00,\
52,00,45,00,5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,\
00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,\
00,6c,00,69,00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,\
70,00,73,00,65,00,63,00,4e,00,46,00,41,00,7b,00,61,00,34,00,61,00,61,00,31,\
00,36,00,34,00,30,00,2d,00,31,00,63,00,66,00,64,00,2d,00,34,00,63,00,30,00,\
35,00,2d,00,38,00,34,00,64,00,37,00,2d,00,36,00,33,00,39,00,34,00,64,00,38,\
00,32,00,30,00,62,00,36,00,38,00,38,00,7d,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{7238523a-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecFilter"
"description"="Matches all IP packets from this computer to any other computer, except broadcast, multicast, Kerberos, RSVP and ISAKMP (IKE)."
"name"="ipsecFilter{7238523a-70fa-11d1-864c-14a300000000}"
"ipsecName"="All IP Traffic"
"ipsecID"="{7238523a-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b5,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,4a,00,00,00,01,\
00,00,00,02,00,00,00,00,00,02,00,00,00,00,00,02,00,00,00,00,00,10,4f,8e,d5,\
ca,d5,cc,42,82,d6,af,d5,f8,d3,e8,1b,01,00,00,00,00,00,00,00,ff,ff,ff,ff,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,4e,00,46,00,41,00,7b,00,37,00,30,00,33,00,61,00,30,00,66,00,63,\
00,62,00,2d,00,62,00,35,00,65,00,39,00,2d,00,34,00,32,00,34,00,37,00,2d,00,\
39,00,32,00,65,00,65,00,2d,00,32,00,32,00,30,00,64,00,33,00,38,00,37,00,64,\
00,31,00,30,00,33,00,30,00,7d,00,00,00,53,00,4f,00,46,00,54,00,57,00,41,00,\
52,00,45,00,5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,\
00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,\
00,6c,00,69,00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,\
70,00,73,00,65,00,63,00,4e,00,46,00,41,00,7b,00,38,00,38,00,31,00,38,00,31,\
00,36,00,62,00,39,00,2d,00,35,00,33,00,64,00,30,00,2d,00,34,00,61,00,64,00,\
61,00,2d,00,62,00,33,00,39,00,63,00,2d,00,62,00,34,00,30,00,65,00,39,00,35,\
00,37,00,64,00,34,00,34,00,33,00,37,00,7d,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000}"
"ipsecID"="{72385231-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,50,00,6f,00,6c,00,69,00,63,00,79,00,7b,00,37,00,32,00,33,00,38,\
00,35,00,32,00,33,00,30,00,2d,00,37,00,30,00,66,00,61,00,2d,00,31,00,31,00,\
64,00,31,00,2d,00,38,00,36,00,34,00,63,00,2d,00,31,00,34,00,61,00,33,00,30,\
00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,7d,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000}"
"ipsecID"="{72385234-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000}"
"ipsecID"="{72385237-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,50,00,6f,00,6c,00,69,00,63,00,79,00,7b,00,37,00,32,00,33,00,38,\
00,35,00,32,00,33,00,36,00,2d,00,37,00,30,00,66,00,61,00,2d,00,31,00,31,00,\
64,00,31,00,2d,00,38,00,36,00,34,00,63,00,2d,00,31,00,34,00,61,00,33,00,30,\
00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,7d,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecISAKMPPolicy"
"name"="ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000}"
"ipsecID"="{7238523d-70fa-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b8,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,40,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,03,00,00,00,00,00,00,00,\
00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,\
00,00,00,00,00,00,03,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,80,70,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,00,00,00,00,00,00,00,00,80,70,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,50,00,6f,00,6c,00,69,00,63,00,79,00,7b,00,37,00,32,00,33,00,38,\
00,35,00,32,00,33,00,63,00,2d,00,37,00,30,00,66,00,61,00,2d,00,31,00,31,00,\
64,00,31,00,2d,00,38,00,36,00,34,00,63,00,2d,00,31,00,34,00,61,00,33,00,30,\
00,30,00,30,00,30,00,30,00,30,00,30,00,30,00,7d,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{582b2f50-c50e-4fc4-a1ed-e12d52b6f308}]
"ClassName"="ipsecNegotiationPolicy"
"name"="ipsecNegotiationPolicy{582b2f50-c50e-4fc4-a1ed-e12d52b6f308}"
"ipsecID"="{582b2f50-c50e-4fc4-a1ed-e12d52b6f308}"
"ipsecNegotiationPolicyAction"="{8a171dd3-77e3-11d1-8659-a04f00000000}"
"ipsecNegotiationPolicyType"="{62f49e13-6c37-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b9,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,e4,01,00,00,06,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,03,00,\
00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,\
00,00,00,03,00,00,00,01,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,02,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,02,00,00,00,00,00,00,\
00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,\
00,00,00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00
"whenChanged"=dword:660f142b
"ipsecOwnersReference"=hex(7):53,00,4f,00,46,00,54,00,57,00,41,00,52,00,45,00,\
5c,00,50,00,6f,00,6c,00,69,00,63,00,69,00,65,00,73,00,5c,00,4d,00,69,00,63,\
00,72,00,6f,00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,\
77,00,73,00,5c,00,49,00,50,00,53,00,65,00,63,00,5c,00,50,00,6f,00,6c,00,69,\
00,63,00,79,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,5c,00,69,00,70,00,73,00,\
65,00,63,00,4e,00,46,00,41,00,7b,00,35,00,38,00,64,00,35,00,63,00,38,00,64,\
00,62,00,2d,00,34,00,33,00,35,00,35,00,2d,00,34,00,32,00,61,00,65,00,2d,00,\
61,00,33,00,32,00,65,00,2d,00,35,00,38,00,31,00,36,00,33,00,30,00,36,00,32,\
00,39,00,34,00,63,00,61,00,7d,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}]
"ClassName"="ipsecNegotiationPolicy"
"description"="Accepts unsecured communication, but requests clients to establish trust and security methods. Will communicate insecurely to untrusted clients if they do not respond to request."
"name"="ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000}"
"ipsecName"="Request Security (Optional)"
"ipsecID"="{72385233-70fa-11d1-864c-14a300000000}"
"ipsecNegotiationPolicyAction"="{3f91a81a-7647-11d1-864d-d46a00000000}"
"ipsecNegotiationPolicyType"="{62f49e10-6c37-11d1-864c-14a300000000}"
"ipsecDataType"=dword:00000100
"ipsecData"=hex:b9,20,dc,80,c8,2e,d1,11,a8,9e,00,a0,24,8d,30,21,94,01,00,00,05,\
00,00,00,84,03,00,00,a0,86,01,00,00,00,00,00,00,00,00,00,01,00,00,00,03,00,\
00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,84,03,00,00,a0,86,01,00,00,00,00,00,00,00,00,00,01,\
00,00,00,01,00,00,00,02,00,00,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,2c,01,00,00,a0,86,01,0
Set Windows 10 Network Security Variables
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Kernel DMA Protection]
"DeviceEnumerationPolicy"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation]
"AllowInsecureGuestAuth"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\NetCache][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Network Connections]
"NCShowSharedAccessUI"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider][HKEYLOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
"\\\SYSVOL"="RequireMutualAuthentication=1,RequireIntegrity=1"
"\\\NETLOGON"="RequireMutualAuthentication=1,RequireIntegrity=1"
Disable Lock Screen Camera and Slide-Show
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization]
"NoLockScreenCamera"=dword:00000001
"NoLockScreenSlideshow"=dword:00000001
Lock Down Powershell Commands
SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF POWERSHELL THIS COMMAND IS STRICTLY FOR NESSUS
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging]
"EnableScriptBlockLogging"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription]
"EnableTranscripting"=dword:00000001
"OutputDirectory"="C:\ProgramData\PS_Transcript"
Set Known Software Restriction Policies (Windows 11)
SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN THIS VERSION OF CODEIDENTIFIERS POLICY SETTINGS, THESE UPDATES WILL NOT OFFICIALLY WORK
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"ExecutableTypes"=hex(7):41,00,44,00,45,00,00,00,41,00,44,00,50,00,00,00,42,00,\
41,00,53,00,00,00,42,00,41,00,54,00,00,00,43,00,48,00,4d,00,00,00,43,00,4d,\
00,44,00,00,00,43,00,4f,00,4d,00,00,00,43,00,50,00,4c,00,00,00,43,00,52,00,\
54,00,00,00,45,00,58,00,45,00,00,00,48,00,4c,00,50,00,00,00,48,00,54,00,41,\
00,00,00,49,00,4e,00,46,00,00,00,49,00,4e,00,53,00,00,00,49,00,53,00,50,00,\
00,00,4c,00,4e,00,4b,00,00,00,4d,00,44,00,42,00,00,00,4d,00,44,00,45,00,00,\
00,4d,00,53,00,43,00,00,00,4d,00,53,00,49,00,00,00,4d,00,53,00,50,00,00,00,\
4d,00,53,00,54,00,00,00,4f,00,43,00,58,00,00,00,50,00,43,00,44,00,00,00,50,\
00,49,00,46,00,00,00,52,00,45,00,47,00,00,00,53,00,43,00,52,00,00,00,53,00,\
48,00,53,00,00,00,55,00,52,00,4c,00,00,00,56,00,42,00,00,00,57,00,53,00,43,\
00,00,00,00,00
"TransparentEnabled"=dword:00000001
"DefaultLevel"=dword:00040000
"AuthenticodeEnabled"=dword:00000000
"PolicyScope"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{349d35ab-37b5-462f-9b89-edd5fbde1328}]
"Description"="Stop the download of this file"
"FriendlyName"="Mdac11.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:5e,ab,30,4f,95,7a,49,89,6a,00,6c,1c,31,15,40,15
"LastModified"=hex(b):85,c4,34,dc,19,a2,c2,01
"ItemSize"=hex(b):0b,03,00,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}]
"Description"="Stop the download of this file"
"FriendlyName"="mdac20.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:67,b0,d4,8b,34,3a,3f,d3,bc,e9,dc,64,67,04,f3,94
"LastModified"=hex(b):03,8a,39,dc,19,a2,c2,01
"ItemSize"=hex(b):05,02,00,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}]
"Description"="Stop the download of this file"
"FriendlyName"="mdac20a.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:32,78,02,dc,fe,f8,c8,93,dc,8a,b0,06,dd,84,7d,1d
"LastModified"=hex(b):be,77,45,dc,19,a2,c2,01
"ItemSize"=hex(b):96,03,00,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{94e3e076-8f53-42a5-8411-085bcc18a68d}]
"Description"="Stop the download of this file"
"FriendlyName"="msadc10.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:bd,9a,2a,db,42,eb,d8,56,0e,25,0e,4d,f8,16,2f,67
"LastModified"=hex(b):81,4f,3e,dc,19,a2,c2,01
"ItemSize"=hex(b):e5,00,00,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}]
"Description"="Stop the download of this file"
"FriendlyName"="msadc11.cab"
"SaferFlags"=dword:00000000
"HashAlg"=dword:00008003
"ItemData"=hex:38,6b,08,5f,84,ec,f6,69,d3,6b,95,6a,22,c0,1e,80
"LastModified"=hex(b):40,b2,40,dc,19,a2,c2,01
"ItemSize"=hex(b):72,01,00,00,00,00,00,00[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths][HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths{dda3f824-d8cb-441b-834d-be2efd2c1a33}]
"Description"=""
"SaferFlags"=dword:00000000
"ItemData"=hex(2):25,00,48,00,4b,00,45,00,59,00,5f,00,43,00,55,00,52,00,52,00,\
45,00,4e,00,54,00,5f,00,55,00,53,00,45,00,52,00,5c,00,53,00,6f,00,66,00,74,\
00,77,00,61,00,72,00,65,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,\
66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,43,00,75,\
00,72,00,72,00,65,00,6e,00,74,00,56,00,65,00,72,00,73,00,69,00,6f,00,6e,00,\
5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,5c,00,53,00,68,00,65,\
00,6c,00,6c,00,20,00,46,00,6f,00,6c,00,64,00,65,00,72,00,73,00,5c,00,43,00,\
61,00,63,00,68,00,65,00,25,00,4f,00,4c,00,4b,00,2a,00,00,00
"LastModified"=hex(b):de,ce,61,cf,d2,86,da,01
Enable Smart Screen Settings for Windows XP (Windows 11)
SPECIAL NOTE: WARNING!!! WINDOWS XP WAS NEVER DESIGNED TO RUN SMART SCREEN VARIABLES LIKE THIS. THIS CHANGE CUSTOMIZES THE SECURITY SETTINGS ON XP
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
"DontDisplayNetworkSelectionUI"=dword:00000001
"EnumerateLocalUsers"=dword:00000000
"EnableSmartScreen"=dword:00000001
"ShellSmartScreenLevel"="Block"
"AllowDomainPINLogon"=dword:00000000
"EnableLogonOptimization"=dword:00000001
"SyncModeSlowLinkThreshold"=dword:000001f4
"SyncModeNoDCThreshold"=dword:00001388
Secure Windows RDS Services (TERMINAL SERVICES)
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"fDisableAutoReconnect"=dword:00000001
"fDenyTSConnections"=dword:00000000
"fDisableForcibleLogoff"=dword:00000001
"KeepAliveEnable"=dword:00000000
"MaxInstanceCount"=dword:00000001
"SelectTransport"=dword:00000001
"fSingleSessionPerUser"=dword:00000001
"fAllowUnlistedRemotePrograms"=dword:00000000
"SecurityLayer"=dword:00000000
"UserAuthentication"=dword:00000001
"fAllowToGetHelp"=dword:00000000
"DisablePasswordSaving"=dword:00000001
"fDisableCdm"=dword:00000001
"fPromptForPassword"=dword:00000001
"fEncryptRPCTraffic"=dword:00000001
"MinEncryptionLevel"=dword:00000003[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\AllUserInstallAgent]
"LogonWaitForPackageRegistration"=dword:00000000
Secure Windows Firewall
SPECIAL NOTE: For Obvious Reasons, we can't secure Firewall settings for your home network, however they are configured through SecEdit to match basic requirements.
[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion"=dword:0000021d[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000001
"DefaultOutboundAction"=dword:00000000
"DefaultInboundAction"=dword:00000001
"DisableNotifications"=dword:00000000
"AllowLocalPolicyMerge"=dword:00000001
"AllowLocalIPsecPolicyMerge"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"{30B550DB-C4B8-4A44-A383-D1C7ED13AAE2}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=43389|Name=AllowCustomRDP|"
"{0B7F479C-F8C6-4850-A763-1C2C9B1FE520}"="v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort=3389|Name=DenyDefaultRDP|"[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile]
"EnableFirewall"=dword:00000001
"DefaultOutboundAction"=dword:00000000
"DefaultInboundAction"=dword:00000001
"DisableNotifications"=dword:00000000
"AllowLocalPolicyMerge"=dword:00000001
"AllowLocalIPsecPolicyMerge"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile]
"EnableFirewall"=dword:00000001
"DefaultOutboundAction"=dword:00000000
"DefaultInboundAction"=dword:00000001
"DisableNotifications"=dword:00000000
"AllowLocalPolicyMerge"=dword:00000001
"AllowLocalIPsecPolicyMerge"=dword:00000001
Locking Down Firefox Configurations
[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla][HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox]
"SSLVersionMin"="tls1.2"
"ExtensionUpdate"=dword:00000000
"DisableFormHistory"=dword:00000001
"PasswordManagerEnabled"=dword:00000000
"DisableTelemetry"=dword:00000001
"DisableDeveloperTools"=dword:00000001
"DisableForgetButton"=dword:00000001
"DisablePrivateBrowsing"=dword:00000001
"SearchSuggestEnabled"=dword:00000000
"NetworkPrediction"=dword:00000000
"DisableFirefoxAccounts"=dword:00000001
"DisableFeedbackCommands"=dword:00000001
"Preferences"=hex(7):7b,00,00,00,20,00,20,00,22,00,73,00,65,00,63,00,75,00,72,\
00,69,00,74,00,79,00,2e,00,64,00,65,00,66,00,61,00,75,00,6c,00,74,00,5f,00,\
70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,5f,00,63,00,65,00,72,00,74,\
00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,00,\
6c,00,75,00,65,00,22,00,3a,00,20,00,22,00,41,00,73,00,6b,00,20,00,45,00,76,\
00,65,00,72,00,79,00,20,00,54,00,69,00,6d,00,65,00,22,00,2c,00,00,00,20,00,\
20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,00,3a,00,20,\
00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,20,00,7d,00,\
2c,00,00,00,20,00,20,00,22,00,62,00,72,00,6f,00,77,00,73,00,65,00,72,00,2e,\
00,73,00,65,00,61,00,72,00,63,00,68,00,2e,00,75,00,70,00,64,00,61,00,74,00,\
65,00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,\
00,6c,00,75,00,65,00,22,00,3a,00,20,00,66,00,61,00,6c,00,73,00,65,00,2c,00,\
00,00,20,00,20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,\
00,3a,00,20,00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,\
20,00,7d,00,2c,00,00,00,20,00,20,00,22,00,64,00,6f,00,6d,00,2e,00,64,00,69,\
00,73,00,61,00,62,00,6c,00,65,00,5f,00,77,00,69,00,6e,00,64,00,6f,00,77,00,\
5f,00,6d,00,6f,00,76,00,65,00,5f,00,72,00,65,00,73,00,69,00,7a,00,65,00,22,\
00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,00,6c,00,\
75,00,65,00,22,00,3a,00,20,00,74,00,72,00,75,00,65,00,2c,00,00,00,20,00,20,\
00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,00,3a,00,20,00,\
22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,20,00,7d,00,2c,\
00,00,00,20,00,20,00,22,00,64,00,6f,00,6d,00,2e,00,64,00,69,00,73,00,61,00,\
62,00,6c,00,65,00,5f,00,77,00,69,00,6e,00,64,00,6f,00,77,00,5f,00,66,00,6c,\
00,69,00,70,00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,\
56,00,61,00,6c,00,75,00,65,00,22,00,3a,00,20,00,74,00,72,00,75,00,65,00,2c,\
00,00,00,20,00,20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,\
22,00,3a,00,20,00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,\
00,20,00,7d,00,2c,00,00,00,20,00,20,00,20,00,22,00,62,00,72,00,6f,00,77,00,\
73,00,65,00,72,00,2e,00,63,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,62,00,6c,\
00,6f,00,63,00,6b,00,69,00,6e,00,67,00,2e,00,63,00,61,00,74,00,65,00,67,00,\
6f,00,72,00,79,00,22,00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,\
00,56,00,61,00,6c,00,75,00,65,00,22,00,3a,00,20,00,22,00,73,00,74,00,72,00,\
69,00,63,00,74,00,22,00,2c,00,00,00,20,00,20,00,20,00,20,00,22,00,53,00,74,\
00,61,00,74,00,75,00,73,00,22,00,3a,00,20,00,22,00,6c,00,6f,00,63,00,6b,00,\
65,00,64,00,22,00,00,00,20,00,20,00,7d,00,2c,00,00,00,20,00,20,00,22,00,65,\
00,78,00,74,00,65,00,6e,00,73,00,69,00,6f,00,6e,00,73,00,2e,00,68,00,74,00,\
6d,00,6c,00,61,00,62,00,6f,00,75,00,74,00,61,00,64,00,64,00,6f,00,6e,00,73,\
00,2e,00,72,00,65,00,63,00,6f,00,6d,00,6d,00,65,00,6e,00,64,00,61,00,74,00,\
69,00,6f,00,6e,00,73,00,2e,00,65,00,6e,00,61,00,62,00,6c,00,65,00,64,00,22,\
00,3a,00,20,00,7b,00,00,00,20,00,20,00,20,00,20,00,22,00,56,00,61,00,6c,00,\
75,00,65,00,22,00,3a,00,20,00,66,00,61,00,6c,00,73,00,65,00,2c,00,00,00,20,\
00,20,00,20,00,20,00,22,00,53,00,74,00,61,00,74,00,75,00,73,00,22,00,3a,00,\
20,00,22,00,6c,00,6f,00,63,00,6b,00,65,00,64,00,22,00,00,00,20,00,20,00,7d,\
00,00,00,7d,00,00,00,00,00
"DisablePocket"=dword:00000001
"DisableFirefoxStudies"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\DisabledCiphers]
"TLSRSAWITH3DESEDECBCSHA"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\EnableTrackingProtection]
"Fingerprinting"=dword:00000001
"Cryptomining"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\EncryptedMediaExtensions]
"Enabled"=dword:00000000
"Locked"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\FirefoxHome]
"Search"=dword:00000000
"TopSites"=dword:00000000
"SponsoredTopSites"=dword:00000000
"Highlights"=dword:00000000
"Pocket"=dword:00000000
"SponsoredPocket"=dword:00000000
"Snippets"=dword:00000000
"Locked"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\InstallAddonsPermission]
"Default"=dword:00000000[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\Permissions][HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\Permissions\Autoplay]
"Default"="block-audio-video"[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking]
"Default"=dword:00000001
"Locked"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking\Allow]
"1"=".mil"
"2"=".gov"[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\SanitizeOnShutdown]
"Cache"=dword:00000000
"Cookies"=dword:00000000
"Downloads"=dword:00000000
"FormData"=dword:00000000
"History"=dword:00000000
"Sessions"=dword:00000000
"SiteSettings"=dword:00000000
"OfflineApps"=dword:00000000
"Locked"=dword:00000001[HKEYLOCALMACHINE\SOFTWARE\Policies\Mozilla\Firefox\UserMessaging]
"ExtensionRecommendations"=dword:00000000
Disable Remote Registry Anonymous access
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry]
"Description"="Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start."
"DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,00,00
"DisplayName"="Remote Registry"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,00,00
"ObjectName"="NT AUTHORITY\LocalService"
"Group"=""
"Start"=dword:00000004
"Type"=dword:00000020
"FailureActions"=hex:00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,e0,ad,08,\
00,01,00,00,00,e8,03,00,00
"DependOnGroup"=hex(7):00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
72,00,65,00,67,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\
05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,\
23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum]
"0"="Root\LEGACY_REMOTEREGISTRY\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
Disable MIcrosoft Remote Access Help on XP
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess]
"Type"=dword:00000020
"Start"=dword:00000004
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"DisplayName"="Routing and Remote Access"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,53,00,00,00,00,00
"DependOnGroup"=hex(7):4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,47,00,72,00,\
6f,00,75,00,70,00,00,00,00,00
"ObjectName"="LocalSystem"
"Description"="Offers routing services to businesses in local area and wide area network environments."
@=""[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers]
"ActiveProvider"="{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"="{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}"
"DisplayName"="RADIUS Accounting"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,\
61,00,73,00,72,00,61,00,64,00,2e,00,64,00,6c,00,6c,00,00,00
"ProviderTypeGUID"="{76560D80-2BFD-11d2-9539-3078302C2030}"
"VendorName"="Microsoft"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"=""
"DisplayName"="Windows Accounting"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,\
70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00
"ProviderTypeGUID"="{76560D81-2BFD-11d2-9539-3078302C2030}"
"VendorName"="Microsoft"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers]
"ActiveProvider"="{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"="{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}"
"DisplayName"="RADIUS Authentication"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,\
61,00,73,00,72,00,61,00,64,00,2e,00,64,00,6c,00,6c,00,00,00
"VendorName"="Microsoft"
"ProviderTypeGUID"="{76560D00-2BFD-11d2-9539-3078302C2030}"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}]
"ConfigClsid"=""
"DisplayName"="Windows Authentication"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,\
70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00
"VendorName"="Microsoft"
"ProviderTypeGUID"="{76560D01-2BFD-11d2-9539-3078302C2030}"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\DemandDialManager]
"DllPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,\
00,70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces]
"Stamp"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0]
"InterfaceName"="Loopback"
"Type"=dword:00000005
"Enabled"=dword:00000001
"Stamp"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0\Ip]
"ProtocolId"=dword:00000021
"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,38,00,00,\
00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\
07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1]
"InterfaceName"="Internal"
"Type"=dword:00000004
"Enabled"=dword:00000001
"Stamp"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1\Ip]
"ProtocolId"=dword:00000021
"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,38,00,00,\
00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\
07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2]
"InterfaceName"="{029DC097-8FC0-475C-BEB2-112AEB62D7A0}"
"Type"=dword:00000003
"Enabled"=dword:00000001
"Stamp"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2\Ip]
"ProtocolId"=dword:00000021
"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,38,00,00,\
00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\
07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\
00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters]
"RouterType"=dword:00000001
"ServerFlags"=dword:00002702
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
6d,00,70,00,72,00,64,00,69,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AppleTalk]
"EnableIn"=dword:00000001[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Ip]
"AllowClientIpAddresses"=dword:00000000
"AllowNetworkAccess"=dword:00000001
"EnableIn"=dword:00000001
"IpAddress"="0.0.0.0"
"IpMask"="0.0.0.0"
"UseDhcpAddressing"=dword:00000001[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Ipx]
"EnableIn"=dword:00000001
"AcceptRemoteNodeNumber"=dword:00000001
"AllowNetworkAccess"=dword:00000001
"AutoWanNetAllocation"=dword:00000001
"FirstWanNet"=dword:00000000
"GlobalWanNet"=dword:00000001
"LastWanNet"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Nbf]
"EnableIn"=dword:00000001
"AllowNetworkAccess"=dword:00000001[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Performance]
"Open"="OpenRasPerformanceData"
"Close"="CloseRasPerformanceData"
"Collect"="CollectRasPerformanceData"
"Library"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,\
00,61,00,73,00,63,00,74,00,72,00,73,00,2e,00,64,00,6c,00,6c,00,00,00
"Last Counter"=dword:00000804
"Last Help"=dword:00000805
"First Counter"=dword:000007de
"First Help"=dword:000007df
"WbemAdapFileSignature"=hex:b0,b0,d7,90,5a,c7,1b,c2,78,f1,7f,45,5e,18,26,11
"WbemAdapFileTime"=hex:00,a0,a1,10,27,9e,c8,01
"WbemAdapFileSize"=dword:00002e00
"WbemAdapStatus"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy]
"ProductDir"="C:\WINDOWS\system32\IAS"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\01]
@="IAS.ProxyPolicyEnforcer"
"Requests"="0 1 2"
"Responses"="0 1 2 3 4"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\02]
@="IAS.NTSamNames"
"Providers"="1"
"Requests"="0"
"Responses"="0 1 3"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\03]
@="IAS.BaseCampHost"
"Requests"="0 1"
"Responses"="0 1 2 4"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\04]
@="IAS.RadiusProxy"
"Providers"="2"
"Responses"="0"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\05]
@="IAS.NTSamAuthentication"
"Providers"="1"
"Requests"="0"
"Responses"="0"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\06]
@="IAS.AccountValidation"
"Providers"="1"
"Requests"="0"
"Responses"="0 1"
"Reasons"="33"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\07]
@="IAS.PolicyEnforcer"
"Providers"="1"
"Requests"="0"
"Responses"="0 1 3"
"Reasons"="33"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\08]
@="IAS.NTSamPerUser"
"Providers"="1"
"Requests"="0"
"Responses"="0 1 3"
"Reasons"="33"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\09]
@="IAS.EAP"
"Providers"="1"
"Requests"="0 2"
"Responses"="0"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\10]
@="IAS.URHandler"
"Providers"="0 1"
"Requests"="0 2"
"Responses"="0 1"
"Reasons"="33"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\11]
@="IAS.ChangePassword"
"Providers"="1"
"Requests"="0"
"Responses"="0 1"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\12]
@="IAS.AuthorizationHost"
"Requests"="0 1 2"
"Responses"="0 1 2 4"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\13]
@="IAS.Accounting"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\14]
@="IAS.MSChapErrorReporter"
"Providers"="0 1"
"Requests"="0"
"Responses"="2"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers]
"Stamp"=dword:00000000[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip]
"ProtocolId"=dword:00000021
"GlobalInfo"=hex:01,00,00,00,80,00,00,00,02,00,00,00,03,00,ff,ff,08,00,00,00,\
01,00,00,00,30,00,00,00,06,00,ff,ff,3c,00,00,00,01,00,00,00,38,00,00,00,00,\
00,00,00,00,00,00,00,01,00,00,00,07,00,00,00,02,00,00,00,01,00,00,00,03,00,\
00,00,0a,00,00,00,16,27,00,00,03,00,00,00,17,27,00,00,05,00,00,00,12,27,00,\
00,07,00,00,00,0d,00,00,00,6e,00,00,00,08,00,00,00,78,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"DLLPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,\
00,70,00,72,00,74,00,72,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
Secure Terminal Access RDP
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\Console\RDP]
"CdClass"=dword:00000000
"CdDLL"=""
"CdFlag"=dword:00000000
"CdName"=""
"CfgDll"="RDPCFGEX.DLL"
"InteractiveDelay"=dword:00000032
"OutBufDelay"=dword:00000064
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"PdName"="tcp"
"WdDLL"="rdpwd"
"WdFlag"=dword:00000034
"WdName"="Microsoft RDP 5.1"
"WdPrefix"="RDP"
"WsxDLL"="rdpwsx"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"CfgDll"="RDPCFGEX.DLL"
"fEnableWinStation"=dword:00000001
"MaxInstanceCount"=dword:ffffffff
"PdName"="tcp"
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"OutBufLength"=dword:00000212
"OutBufCount"=dword:00000006
"OutBufDelay"=dword:00000064
"InteractiveDelay"=dword:00000032
"PortNumber"=dword:0000a97d
"KeepAliveTimeout"=dword:00000000
"LanAdapter"=dword:00000000
"WdName"="Microsoft RDP 5.1"
"WdDLL"="rdpwd"
"WsxDLL"="rdpwsx"
"WdFlag"=dword:00000036
"InputBufferLength"=dword:00000800
"CdClass"=dword:00000000
"CdName"=""
"CdDLL"=""
"CdFlag"=dword:00000000
"Comment"=""
"fInheritAutoLogon"=dword:00000001
"fInheritResetBroken"=dword:00000001
"fInheritReconnectSame"=dword:00000001
"fInheritInitialProgram"=dword:00000001
"fInheritCallback"=dword:00000000
"fInheritCallbackNumber"=dword:00000001
"fInheritShadow"=dword:00000001
"fInheritMaxSessionTime"=dword:00000001
"fInheritMaxDisconnectionTime"=dword:00000001
"fInheritMaxIdleTime"=dword:00000001
"fInheritAutoClient"=dword:00000001
"fInheritSecurity"=dword:00000000
"fInheritColorDepth"=dword:00000000
"fPromptForPassword"=dword:00000000
"fResetBroken"=dword:00000000
"fReconnectSame"=dword:00000000
"fLogonDisabled"=dword:00000000
"fAutoClientDrives"=dword:00000001
"fAutoClientLpts"=dword:00000001
"fForceClientLptDef"=dword:00000001
"fDisableEncryption"=dword:00000001
"fHomeDirectoryMapRoot"=dword:00000000
"fUseDefaultGina"=dword:00000000
"fDisableCpm"=dword:00000000
"fDisableCdm"=dword:00000000
"fDisableCcm"=dword:00000000
"fDisableLPT"=dword:00000000
"fDisableClip"=dword:00000000
"fDisableExe"=dword:00000000
"fDisableCam"=dword:00000000
"Username"=""
"Domain"=""
"Password"=""
"WorkDirectory"=""
"InitialProgram"=""
"CallbackNumber"=""
"Callback"=dword:00000000
"Shadow"=dword:00000001
"MaxConnectionTime"=dword:00000000
"MaxDisconnectionTime"=dword:00000000
"MaxIdleTime"=dword:00000000
"KeyboardLayout"=dword:00000000
"MinEncryptionLevel"=dword:00000002
"NWLogonServer"=""
"WFProfilePath"=""
"WdPrefix"="RDP"
"TraceEnable"=dword:00000000
"TraceDebugger"=dword:00000000
"TraceClass"=dword:00000000
"ColorDepth"=dword:00000003
Disable Auto-Run Applications
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoWebServices"=dword:00000001
"NoAutorun"=dword:00000001
"NoDriveTypeAutoRun"=dword:000000ff
"NoStartBanner"=dword:00000001
"PreXPSP2ShellProtocolBehavior"=dword:00000000
Disables Option to Run this time, Run Once
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext]
"RunThisTimeEnabled"=dword:00000000
"VersionCheckEnabled"=dword:00000001
Logon Popup Details
SPECIAL NOTE: You can change the LegalNotic, or LegalNoticText to anything you want, but don't use any spaces, and write it like one continuous sentence.
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies ystem]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"="Welcome to Near Nist 800-171 for GraniteXP-2024 Edition"
"legalnoticetext"="NOTICE: This package is a BETA package, and is in development by @GenericTechSupport on Youtube. Subscribers will get updated details as packages are rolled out. Please subscribe to stay up to date on continued improvements. If you have any additional details, or requests, please feel free to leave a comment on the GraniteXP Project Playlist on the @GenericTechSupport youtube Channel. "
"shutdownwithoutlogon"=dword:00000000
"undockwithoutlogon"=dword:00000001
"disablecad"=dword:00000000
"inactivitytimeoutsecs"=dword:00000384
"MSAOptional"=dword:00000001
"DisableAutomaticRestartSignOn"=dword:00000001
WinLogon Variables
[HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=dword:00000001
"LegalNoticeCaption"=""
"LegalNoticeText"=""
"PowerdownAfterShutdown"="0"
"ReportBootOk"="1"
"Shell"="Explorer.exe"
"ShutdownWithoutLogon"="0"
"SfcQuota"=dword:ffffffff
"allocatecdroms"="0"
"allocatedasd"="0"
"allocatefloppies"="0"
"forceunlocklogon"=dword:00000000
"passwordexpirywarning"=dword:0000000e
"scremoveoption"="1"
"AllowMultipleTSSessions"=dword:00000000
"UIHost"=hex(2):6c,00,6f,00,67,00,6f,00,6e,00,75,00,69,00,2e,00,65,00,78,00,65,\
00,00,00
"LogonType"=dword:00000000
"DebugServerCommand"="no"
"SFCDisable"=dword:00000000
"WinStationsDisabled"="0"
"HibernationPreviouslyEnabled"=dword:00000001
"ShowLogonOptions"=dword:00000001
"DisableCAD"=dword:00000000
"AutoAdminLogon"="0"
LANMAN Server/Client Settings
[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters]
"enableplaintextpassword"=dword:00000000
"enablesecuritysignature"=dword:00000001
"requiresecuritysignature"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,6b,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"OtherDomains"=hex(7):00,00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"Size"=dword:00000002
"DisableDos"=dword:00000000
"autodisconnect"=dword:0000000f
"enableforcedlogoff"=dword:00000001
"enablesecuritysignature"=dword:00000001
"requiresecuritysignature"=dword:00000001
"NullSessionPipes"=hex(7):43,00,4f,00,4d,00,4e,00,41,00,50,00,00,00,43,00,4f,\
00,4d,00,4e,00,4f,00,44,00,45,00,00,00,53,00,51,00,4c,00,5c,00,51,00,55,00,\
45,00,52,00,59,00,00,00,53,00,50,00,4f,00,4f,00,4c,00,53,00,53,00,00,00,4c,\
00,4c,00,53,00,52,00,50,00,43,00,00,00,62,00,72,00,6f,00,77,00,73,00,65,00,\
72,00,00,00,00,00
"NullSessionShares"=hex(7):43,00,4f,00,4d,00,43,00,46,00,47,00,00,00,44,00,46,\
00,53,00,24,00,00,00,00,00
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
73,00,72,00,76,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"Lmannounce"=dword:00000000
"Guid"=hex:e7,e8,91,4a,c5,2d,f8,49,b2,92,29,e4,87,d6,eb,30
"AdjustedNullSessionPipes"=dword:00000001
"SMB1"=dword:00000000
"restrictnullsessaccess"=dword:00000001[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer]
"Start"=dword:00000004
Cleanup Process
GPO/REG Config Cleanup Final Step Details
Disable System Restore
reg add "HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v DisableSR /t REG_DWORD /d 1 /f
Set Page file to 4GB
reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v PagingFiles /t REGMULTISZ /d "C:\pagefile.sys 4092 4092" /f
Disable System Remote Assistance
reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Remote Assistance" /v fAllowToGetHelp /t REGDWORD /d 0 /freg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Remote Assistance" /v fAllowFullControl /t REGDWORD /d 0 /f
Disable Microsoft Remote Support
reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fAllowToGetHelp /t REG_DWORD /d 0 /f
Disable Application Foreground Boost
reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\PriorityControl" /v Win32PrioritySeparation /t REG_DWORD /d 24 /f
Define RDP Inbound Port
reg add "HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d "43389" /f
Windows Service Cleanup
Disable Windows Screen Recording
sc config srservice start= disabled
Disable Shared Resources
sc config browser start= disabled
Disable Windows Help Services
sc config helpsvc start= disabled
Disable Printer Services
sc config spooler start= disabled
Disable Windows Updates Services
sc config wuauserv start= disabled
MISC DATA
GPO/REG Configuration Details
The above is an incomplete list, the Policy configurations have changes slightly over the past year to compensate for additional configurations. It's important to note that while this project is a working project, it's been modeled after a Windows 10 22H2 machine, and there's been a couple of windows 11 Policies Sprinkled in over the year, however, that the configuration is based on a 100% out of the box windows XP SP3 machine, with no updates or any configurations on it. Attempting to install this package on a pre-built or XP system with a ton of stuff on it is a bad idea, and not something recommened.
NEW NETWORK CONFIGURATION
Set the Dynamic RPC Ports
reg add "HKLM\SOFTWARE\Microsoft\Rpc\Internet" /v Ports /t REGMULTISZ /d 4000-4700 /f
Turn on Defined Internet RPC Access Ports
reg add "HKLM\SOFTWARE\Microsoft\Rpc\Internet" /v PortsInternetAvailable /t REG_SZ /d Y /f
Force Use of Internet External RPC Ports
reg add "HKLM\SOFTWARE\Microsoft\Rpc\Internet" /v UseInternetPorts /t REG_SZ /d Y /f
Force Object Linking for DCOM
reg add "HKLM\SOFTWARE\Microsoft\ole" /v EnableDCOM /t REG_SZ /d N /f
Disable DCOM on RPC Protocol
reg add "HKLM\SOFTWARE\Microsoft\Rpc" /v "DCOM Protocols" /t REGMULTISZ /f
Disable SMB Share Access Port
reg add "HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v SMBDeviceEnabled /t REG_DWORD /d 0 /f
Disable LMHost Share Access Port
reg add "HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v EnableLMHOSTS /t REG_DWORD /d 0 /f
Disable Print Spooler Services
sc config spooler start= disabled
Configure Network Firewall Ports
Configure Custom Settings for Network Security
Windows Registry Editor Version 5.00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
00[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Disabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::disabled:@xpsp2res.dll,-22019"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System]
"clroptimizationv4.0.3031932-1"="V4.0|Action=Block|Dir=In|App=c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe|Svc=clroptimizationv4.0.3031932|Name=Block traffic for clroptimizationv4.0.3031932|"
"clroptimizationv4.0.3031932-2"="V4.0|Action=Block|Dir=Out|App=c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe|Svc=clroptimizationv4.0.3031932|Name=Block traffic for clroptimizationv4.0.3031932|"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Disabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::disabled:@xpsp2res.dll,-22019"[HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts][HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP"="5985:TCP::Disabled:Windows Remote Management "
"80:TCP"="80:TCP::Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) "
"43389:TCP"="43389:TCP:*:Enabled:CustomRDP"
Granite Links
WINDOWS ADDITIONAL PACKAGES
Granite Install Instructions
Package Details
Hardware Requirements
A FRESH INSTALL
Pentium 3 733MHZ or better
(4 Core on ONECOREAPI Mod)
4GB PC133 RAM
(8GB DDR on OneCoreAPI Mod)
40GB IDE HARDDISK
Video Card capable of 1024/768
NO Network Connection Required
Package Contents
00. ReadFirst
01. RegistryMods
02. Updates
03. Cleanup
Step 1: Installation Prep
1. Click on Start
2. Right Click on My Computer
3. Choose Manage
4. Click on Local Users and Groups
5. Click on users
6. Right Click Choose New User
Name: Pete (or whatever you want to name it)
7. Password: 8-12 Characters, 2 special, 2 numbers (Warning Less than 8 characters will cause package to fail)
8. Create
9. Right-Click on Pete
Make him a member of "Administrators" Group.
10. Remove him from Users Group
Save
NOTE: This account only needs to exist, does not need to be the primary account
Step 2: Installation Prep
1. Create a new Folder in C:\ called "Tools"
2. Copy the installation package into that location
Step 3: Installation Mod
1. Open "01. RegistryMods"
2. Right-Click-on "01. POSEnabled" 3. Click on Merge
4. Click on Yes
5. Click on OK
6. Right-Click-on "02. SecurityEnabled"
7. Click on Merge
8. Click on Yes
9. Click on Ok
Reboot the system
Step 4: Installation Updates 1
1. Open "02 Updates"
2. Open Folder "01. WSUSOfflineXP"
3. Double-Click - UpdateInstaller
SELECT OPTIONS
1. Update Root Certificates
2. Install IE 8
3. Update C++ Runtimes
4. Install .net 3.5 SP1
5. Install .net 4.X
6. Install Powershell 2.0
7. Install Management Framework 3.0
8. Update DirectX Runtime
9. Update Windows Media Player
10. Update Remote Desktop Client
11. Automatic Reboot and Recall (Doesn't 100% work)
12. Verify Installation packages
SPECIAL NOTESystem will reboot 3-7 times depending on hardware and other factors.You must Click OK on the Banner data on the logon screen, the system will automatically recall and update after that point.Once completed you will be forced to authenticate to log back into the system.
Step 5: Installation Updates 2
1. Open "02 Updates"
2. Open Folder "02. FullXPUpdates"
3. Double-Click on "00-RunFirst"When completed the system will automatically reboot.Estimated 2-4min to complete
Step 6: Installation Updates 3
1. Open "02 Updates"
2. Open Folder "02. FullXPUpdates"
3. Double-Click on "00-Run-Second"When completed the system will automatically reboot.Estimated 4+ Hours to complete
Step 7: Installation Updates 4
1. Open "02 Updates"
2. Open Folder "03. ApplicationRollups"
3. Double-Click on "00-RunLast"When completed the system will automatically reboot.Estimated 10-20min to complete
Step 8: Installation Cleanup
1. Open "03. Cleanup"
2. Double-Click on "RunLast"When completed the system will automatically reboot.Estimated 10-20Seconds to complete
GenericTechSupport Ad Request
Advertise with GenericTechSupport
At GenericTechSupport, our fanbase consists of a diverse community of technical enthusiasts, which might suggest that we primarily promote technical software or equipment.However, we take a different approach. We are committed to supporting small businesses and helping them market products that may not be directly related to the technical field.We understand the concerns surrounding monetization and the potential for product reviews and opinions to be influenced by corporate interests. As such, we only choose to promote well-developed products that have been thoroughly tested and proven to meet high standards.If you have a product that aligns with these values, we encourage you to reach out to request ad-time in one of our upcoming videos.Please note that not all requests will be accepted, but if your product is of solid quality, we believe there is nothing to lose in submitting a proposal.We look forward to hearing from you and potentially working together.
Request Ad-Time
Please provide a brief introduction to your product or service, highlighting its technical integrity, testing, and quality.If this is not a technical request, please provide details on the product or service, e.g., lifestyle product, eco-friendly item, home gadget, etc.Please mention any relevant features or qualities, such as sustainability, ease of use, design and any links to studies or details vetting the products quality or function.
GenericTechSupport Business Collaboration request
Collaboration meetings are an essential part of our process, where we work closely with clients to understand their specific needs, discuss potential solutions, and align on goals.These meetings foster open communication and help us provide customized IT support that best suits your business requirements.We are committed to ensuring that every collaboration is productive and results-driven.Use the contact-us details listed here for service
GenericTechSupport MSP Request
We offer a range of pricing options to suit your needs, including flat rates and hourly rates.Whether you require a one-time service or ongoing support, we can customize a solution that fits your budget and ensures you receive the technical assistance you need.Feel free to contact us to discuss the best option for your business.
Have an Idea for a video?
Whether you have a video idea in mind or need assistance learning something new in Technology, feel free to send us a Video Idea. We're here to help!

About TechGuyOne and The GenericTechSupport Youtube Channel.
With over 25 years of extensive experience in the IT and systems engineering field, I have honed my expertise across a broad range of technologies and industries.My journey has led me to work on high-impact projects for multiple high profile organizations, where I was responsible for designing and implementing complex integration and encryption solutions.My technical background spans across various Microsoft server technologies, cloud solutions, security and compliance frameworks, as well as systems and network infrastructure.I have led diverse engineering projects, from Active Directory implementations to designing advanced cloud integrations and supporting legacy systems for some of the largest companies in the world.In multiple roles I have found myself training the more junior engineers and techs, providing them with guidance and direction. These young professionals are who pushed me to start the generictechsupport youtube channel.I specialize in providing expert consulting for businesses seeking tailored IT support, migration solutions, and long-term infrastructure improvements. With a proven track record of ensuring compliance across industries like healthcare, finance, and government, I understand the importance of maintaining a secure and efficient environment.In addition to my technical prowess, I bring a strong set of soft skills to the table, including excellent communication, documentation, and customer service abilities.I have built a reputation for being a collaborative leader, working closely with teams and clients to ensure project success and long-term satisfaction.Whether working on a large-scale migration, designing complex integrations, or providing ongoing IT management and support, I am committed to delivering high-quality, results-driven solutions that enhance operational efficiency and security.
Thank You
Thank you for reaching out!No matter which department you're contacting, we're excited to assist you and look forward to engaging with you in any way we can.
How to Apply WMI in Domain Controllers
Right click WMI Filters, choose New, Name it something, and click on Add, Under the Query, add whatever Query data you want to create the filter from, use the cheat sheet located in the next part of this page, and create the WMI Filter you need to filter.


Windows DESKTOPS WMI Filter List
Windows Desktop OS WMI
Any Windows Desktop OS – Version 1
select * from Win32OperatingSystem WHERE ProductType = "1"
Any Windows Desktop OS – Version 2 (better for Win7 sometimes)
select * from Win32OperatingSystem WHERE (ProductType <> "2") AND (ProductType <> "3")
Any Windows Desktop OS – 32-bit
select * from Win32OperatingSystem WHERE ProductType = "1" AND NOT OSArchitecture = "64-bit"
Any Windows Desktop OS – 64-bit
select * from Win32OperatingSystem WHERE ProductType = "1" AND OSArchitecture = "64-bit"
Windows XP OS WMI
Windows XP
select * from Win32OperatingSystem WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1"
Windows XP – 32-bit
select * from Win32OperatingSystem WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows XP – 64-bit (Excluses IA64 Chip)
select * from Win32_OperatingSystem WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1" AND OSArchitecture = "64-bit"
Windows VISTA OS WMI
Windows Vista
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="1"
Windows Vista – 32-bit
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows Vista – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.0%" AND ProductType="1" AND OSArchitecture = "64-bit"
Windows 7 OS WMI
Windows 7
select * from Win32OperatingSystem WHERE Version like "6.1%" AND ProductType="1"
Windows 7 – 32-bit
select * from Win32OperatingSystem WHERE Version like "6.1%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 7 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.1%" AND ProductType="1" AND OSArchitecture = "64-bit"
Windows 8 OS WMI
Windows 8
select * from Win32OperatingSystem WHERE Version like "6.2%" AND ProductType="1"
Windows 8 – 32-bit
select * from Win32OperatingSystem WHERE Version like "6.2%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 8 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.2%" AND ProductType="1" AND OSArchitecture = "64-bit"
Windows 8.1 OS WMI
Windows 8.1
select * from Win32OperatingSystem WHERE Version like "6.3%" AND ProductType="1"
Windows 8.1 – 32-bit
select * from Win32OperatingSystem WHERE Version like "6.3%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 8.1 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "6.3%" AND ProductType="1" AND OSArchitecture = "64-bit"
Windows 10 OS WMI
Windows 10
select * from Win32OperatingSystem WHERE Version like "10.0.1%" AND ProductType="1"
Windows 10 – 32-bit
select * from Win32OperatingSystem WHERE Version like "10.0.1%" AND ProductType="1" AND NOT OSArchitecture = "64-bit"
Windows 10 – 64-bit
select * from Win32_OperatingSystem WHERE Version like "10.0.1%" AND ProductType="1" AND OSArchitecture = "64-bit"
Windows 11 OS WMI
Windows 11
select * from Win32_OperatingSystem WHERE Version like "10.0.2%" AND ProductType="1"
Windows SERVERS WMI Filter List
Windows Server OS WMI
Any Windows Server OS
select * from Win32OperatingSystem where (ProductType = "2") OR (ProductType = "3")
Any Windows Server OS – 32-bit
select * from Win32OperatingSystem where (ProductType = "2") OR (ProductType = "3") AND NOT OSArchitecture = "64-bit"
Any Windows Server OS – 64-bit
select * from Win32OperatingSystem where (ProductType = "2") OR (ProductType = "3") AND OSArchitecture = "64-bit"
Any Windows Server – Domain Controller
select * from Win32OperatingSystem where (ProductType = "2")
Any Windows Server – Domain Controller – 32-bit
select * from Win32OperatingSystem where (ProductType = "2") AND NOT OSArchitecture = "64-bit"
Any Windows Server – Domain Controller – 64-bit
select * from Win32OperatingSystem where (ProductType = "2") AND OSArchitecture = "64-bit"
Any Windows Server – Non-Domain Controller
select * from Win32OperatingSystem where (ProductType = "3")
Any Windows Server – Non- Domain Controller – 32-bit
select * from Win32OperatingSystem where (ProductType = "3") AND NOT OSArchitecture = "64-bit"
Any Windows Server – Non-Domain Controller – 64-bit
select * from Win32_OperatingSystem where (ProductType = "3") AND OSArchitecture = "64-bit"
Windows Server 2003 WMI
Windows Server 2003 – DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="2"
Windows Server 2003 – non-DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="3"
Windows Server 2003 – 32-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="2" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 – 32-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="3" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="2" AND OSArchitecture = "64-bit"
Windows Server 2003 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "5.2%" AND ProductType="3" AND OSArchitecture = "64-bit"
Windows Server 2003R2 WMI
Windows Server 2003 R2 – DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="2"
Windows Server 2003 R2 – non-DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="3"
Windows Server 2003 R2 – 32-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="2" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 R2 – 32-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="3" AND NOT OSArchitecture = "64-bit"
Windows Server 2003 R2 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="2" AND OSArchitecture = "64-bit"
Windows Server 2003 R2 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "5.2.3%" AND ProductType="3" AND OSArchitecture = "64-bit"
Windows Server 2008 WMI
Windows Server 2008 – DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="2"
Windows Server 2008 – non-DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="3"
Windows Server 2008 – 32-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="2" AND NOT OSArchitecture = "64-bit"
Windows Server 2008 – 32-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="3" AND NOT OSArchitecture = "64-bit"
Windows Server 2008 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="2" AND OSArchitecture = "64-bit"
Windows Server 2008 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "6.0%" AND ProductType="3" AND OSArchitecture = "64-bit"
Windows Server 2008R2 WMI
Windows Server 2008 R2 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.1%" AND ProductType="2"
Windows Server 2008 R2 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "6.1%" AND ProductType="3"
Windows Server 2012 WMI
Windows Server 2012 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.2%" AND ProductType="2"
Windows Server 2012 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "6.2%" AND ProductType="3"
Windows Server 2012R2 WMI
Windows Server 2012 R2 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "6.3%" AND ProductType="2"
Windows Server 2012 R2 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "6.3%" AND ProductType="3"
Windows Server 2016 WMI
Windows Server 2016 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.14%" AND ProductType="2"
Windows Server 2016 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "10.0.14%" AND ProductType="3"
Windows Server 2019 WMI
Windows Server 2019 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.17%" AND ProductType="2"
Windows Server 2019 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "10.0.17%" AND ProductType="3"
Windows Server 2022 WMI
Windows Server 2022 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.20%" AND ProductType="2"
Windows Server 2022 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "10.0.20%" AND ProductType="3"
Windows Server 2025 WMI
Windows Server 2025 – 64-bit – DC
select * from Win32OperatingSystem WHERE Version like "10.0.26%" AND ProductType="2"
Windows Server 2025 – 64-bit – non-DC
select * from Win32OperatingSystem WHERE Version like "10.0.26%" AND ProductType="3"
Under Construction
Fedora Command ListUpdate Commands:
sudo dnf update
sudo dnf upgrade --refresh
--------------------------------
Install Snap:
sudo dnf install snapd
sudo ln -s /var/lib/snapd/snap /snap
--------------------------------
Install Flatpak:
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
------------------------------
Install OBSStudios:
flatpak install flathub com.obsproject.Studio -y
sudo dnf upgrade --refresh
------------------------------
Install OpenShot:
sudo dnf install openshot
------------------------------
How to install Nvidea Drivers
Install NVidea Drivers:
sudo dnf install kernel-devel kernel-headers gcc make dkms acpid libglvnd-glx libglvnd-opengl libglvnd-devel pkgconfig
------------------------------------------------
Free Driver (Open)
sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
------------------------------------------------
Offical NVidea Driver: (closed)
sudo dnf install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
------------------------------------------------
Make the Driver the default:
sudo dnf makecache
sudo dnf install akmod-nvidia xorg-x11-drv-nvidia-cuda
------------------------------------------------
------------------------------------------------
Package Removal Instructions
DNF Removal:
sudo dnf remove Package NameSnap Removal:
sudo snap remove Package NameFlatpak Removal:
sudo flatpak remove Package Name
Fedora 41 - Community Reply Video
Update Commands:
sudo dnf update
sudo dnf upgrade --refresh
--------------------------------
Install Snap:
sudo dnf install snapd
sudo ln -s /var/lib/snapd/snap /snap
--------------------------------
Install Flatpak:
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
------------------------------
Install OBSStudios:
flatpak install flathub com.obsproject.Studio -y
sudo dnf upgrade --refresh
------------------------------
Install OpenShot:
sudo dnf install openshot
------------------------------
Package Removal Instructions
DNF Removal:
sudo dnf remove Package NameSnap Removal:
sudo snap remove Package NameFlatpak Removal:
sudo flatpak remove Package Name
Content
Linux Software Repos
Debian Repositories
Additional Repositories:
---------------------------------------------
RetroArch:
sudo add-apt-repository ppa:libretro/stable -y
---------------------------------------------
Xbox:
Sudo add-apt-repository ppa:mborgerson/xemu
---------------------------------------------
Firefox Official:
sudo add-apt-repository ppa:mozillateam/ppa
---------------------------------------------
YTDL:
sudo add-apt-repository ppa:tomtomtom/yt-dlp
---------------------------------------------
OBS Studios:
sudo add-apt-repository ppa:obsproject/obs-studio
---------------------------------------------
Steam:
sudo add-apt-repository-multiverse
---------------------------------------------
OpenShot:
sudo add-apt-repository ppa:openshot.developers/ppa -y
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
---------------------------------------------
SNAP LISTS (Debian, Fedora, ARCH)
Business SNAPS
Install Microsoft Teams
sudo snap install teams-for-linux
--------------------------------------------
Install Slack for Linux
sudo snap install slack
--------------------------------------------
Install VLC Player on Linux
sudo snap install vlc
--------------------------------------------
Install Discord
sudo snap install discord
--------------------------------------------
Snap Store:
sudo snap install snap-store
--------------------------------------------
Open Shot:
sudo snap install openshot-community
--------------------------------------------
Debian Gaming Emulators
Xbox:
sudo apt install xemu
------------------------------------------------
PS3:
Sudo snap install rpcs3-emu
------------------------------------------------
Genesis:
Sudo apt -y install higan
------------------------------------------------
WII:
sudo snap install dolphin-emulator --edge
----
WII-MOTE:
sudo apt install libcwiid1 lswm wmgui wminput
-----
sudo echo "uinput" Shift Period Shift Period /etc/modules
-----
sudo modprobe uinput
------------------------------------------------
SNES:
Sudo apt-get install zsnes
------------------------------------------------
N64:
sudo apt install mupen64plus-qt
------------------------------------------------
PS2:
sudo apt-get install pcsx2
------------------------------------------------
GameBoy Advanced:
sudo snap install visualboyadvance-m --beta
------------------------------------------------
Retro Arcade (arch)
sudo apt install software-properties-common apt-transport-https -y
---
sudo apt install retroarch -y
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
Basic Fedora Software List
Install a different docking station:
sudo dnf install gnome-shell-extension-dash-to-dock
------------------------------------------------
More Docking station details:
https://extensions.gnome.org/extension/307/dash-to-dock/
------------------------------------------------
Install Snap:
sudo dnf install snapd
sudo dnf update
sudo ln -s /var/lib/snapd/snap /snap
------------------------------------------------
Special Note: Snap Store/App does not work right in Fedora.
------------------------------------------------
Install Steam: (Proton Only)
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm -y
---
sudo dnf config-manager --enable fedora-cisco-openh264 -y
---
sudo dnf config-manager setopt fedora-cisco-openh264.enabled=1
---
sudo dnf install steam -y
------------------------------------------------
Install any .rpm:
rpm -ihv --nodeps package Name
------------------------------------------------
Driver issues:
rpm -qa | grep -e package name
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
------------------------------------------------
Debian Download Links
Deb Files
All .deb files can be installed by right-clicking and choosing to open with the "GDebi" Package installer.

Fedora Download Links
RPM Files
All .rpm files can be installed by right-clicking and choosing to open with the "Software" installer.

ISO LINKS - FEDORA BASED
ISO LINKS - MISC LINUX ISO
ISO LINKS - DEBIAN BASED
Under Construction
Build Script Details from Video
How to:
Get the Trusted Host (Workgroup Mode) list..
Get-Item WSMan:\localhost\Client\TrustedHosts
How to Set the Trust for WinRM communication:
(MachineA and MachineB)
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'machineA,machineB'If the above does not work, or still throws an error, try the Asterisk.Set-Item WSMan:\localhost\Client\TrustedHosts -Value '*'Once you have everything on the domain, run the clear command on all boxes to reset the trust.Clear-Item -Path WSMan:\localhost\Client\TrustedHosts -Force
Setting up a share on Core Server
If you want to share a folder named "Bills" and you want to give it read, write and modify access, this is the command.Note: "Bill Access" is the name of the security group we created in AD.New-SmbShare –Name Bills –Path "C:\Network Share\Bills –changeaccess "bill access"If you have a share named "bills" and you want to give it full control.. this is the command (Not recommended, see video for details)New-SmbShare –Name Bills –Path "C:\Network Share\Bills –fullaccess "bill access"
Remove the Share if you screw up
Check your share from CMD: Net shareIf you screwed up the share..Remove-SmbShare -Name "Bills"
Use the links to return to Home or Watch the video
Windows Software Links
ISO LINKS - WINDOWS DESKTOP
Under Construction
Windows WinGet
Powershell Command
Open Powershell as admin:Add-AppxPackage -RegisterByFamilyName -MainPackage Microsoft.DesktopAppInstaller_8wekyb3d8bbwe
To use the Winget commands:
Open CMD As Admin
(NOTE: you must be a local administrator for this to work, and cannot be logged in as a local user)winget search (some kind of product)
winget install google.chrome
winget install valve.steam
winget install electronicarts.origin
To Remove an application:winget remove (application ID)
--silent (doesn't work)NOTE: While Silent doesn't work on all applications, it does on some, and this process is much easier than stumbling through the GUI.
ISO LINKS - WINDOWS SERVER

Welcome to all things Debian Wiki
Welcome to the debian Wiki
In this location you will find common commands for application installations that work on all flavors of Debian.
Install Snap:
sudo apt install snapd
--------------------------------------------
Search a snap:
sudo snap search snap name
--------------------------------------------
Install a snap:
sudo snap install package Name
--------------------------------------------
Remove a snap:
sudo snap remove Package Name
--------------------------------------------
Install Flatpak:
sudo apt install flatpak
--------------------------------------------
Search for a flatpak:
sudo flatpak search flatpak name
--------------------------------------------
install a flatpak:
sudo flatpak install flatpak name
--------------------------------------------
Remove a flatpak:
sudo flatpak remove flatpak Name
--------------------------------------------
Install Updates:
sudo apt update -y
sudo apt upgrade -y
--------------------------------------------
Install Apt Packages:
sudo apt install package Name
--------------------------------------------
Search Package names with Apt:
sudo apt search package type
(for instance: sudo apt search google)
--------------------------------------------
remove an apt:
sudo apt remove package name
--------------------------------------------
(NOTE: apt replaces apt-get, if you are on older builds you may need to use apt-get)
How to install XRDP on Mint
sudo apt install xrdp
sudo systemctl enable xrdp
sudo ufw allow 3389
sudo reboot now
Increase your Swap File
Make Page file 8GB (NOTE, you can make this 4GB, or 16GB, or modify whatever number you want of GB)
---------------------------------------------
sudo swapoff -a
---------------------------------------------
sudo fallocate -l 8G /swapfile
---------------------------------------------
sudo chmod 600 /swapfile
---------------------------------------------
sudo mkswap /swapfile
---------------------------------------------
sudo swapon /swapfile
---------------------------------------------
sudo swapon --show
---------------------------------------------
Use the links to return to Home or View Linux Software
See Link for Debian Wiki for more details

Non-Standard Package install details
(XP Version and 10 Version with Snap Packages)
The Snap store installation on this OS is slightly different.Use this process instead of what's in the debian Wiki:Install Snap Configuration:
sudo apt install snapd
---------------------------------------------
Fix the Menu Bug:
sudo apt install xfce4-appfinder -y
sudo apt install exo-utils -y
sudo apt install libexo* -y
sudo reboot now
----------------------------------------------
Follow any additional instructions in the Debian Wiki for more packages and install help.
Windows 10 Version

Things to Note
There's no default update gui package installed.You will likely need to use the gui to at least start the update process at first.sudo apt update
authenticateAt which point the gui should populate available updates. After doing this once I didn't need to do this again, and the Gui just worked.
Use the links to return to Home or Watch the videos, or download the ISO files and try this yourself

NixOS - Coming 2/20/25
How to Install Flatpak on NIX OS
Using Terminal Open
/etc/nixos/configuration.nixsudo nano /etc/nixos/configuration.nixLocate the section that says "Services"Add this line:services.flatpak.enable = true;Control X to save, and y to save over the other fileNext run: (as sudo)
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepoLastly:
reboot
Command to install flatpaks
Same as all the other flavors of Linux..sudo flatpak search (app Name)
sudo flatpak install (app Name)If you can't find the package, try to update the repository..sudo flatpak update
Command to install Nix Packages
Much like the Linux Versions of Debian and Fedora
where you get the:sudo apt install vlc
--or--
sudo dnf install vlcNix has it's own application managerto install a nix, you would think sudo nix install vlc, but you would be wrong.Nix uses: sudo nix-env -i vlc to install the same application. (assuming the package exists on Nix)
Sample Bash Script for Debian
This is a sample BASH script created for an automated installation of Linux MINT
#!/bin/sh
# Welcome to the GenericTechSupport Youtube Channel Script, for installing Windows 11 Default Build Replacement applications, Please Note, you will need to install the Steam
# Application and the Snap Repository outside of this script. You Must install Snap before running this script, and must reboot, and must install the steam application after running
# this script and rebooting again. If you add the Steam store installation to this script it will cause the network drivers to fail, and cause the system to lose internet connection.
# You have been warned.
#
#
# To Follow the video save this file as applicationinstall.sh in the home directory
# Feel free to comment out whatever packages you don't want.
#
#
# Install Snap Repositories and updates prior to running this script.
# Snap update will require a reboot
# sudo mv /etc/apt/preferences.d/nosnap.pref ~/Documents/nosnap.backup
# sudo apt update
# sudo apt install snapd
# sudo snap install snap-store
#
#
# Also install VmWare Tools if you are installing this on vmware workstation or player, which will also require a reboot.
# sudo apt-get install open-vm-tools-desktop
# sudo apt-get install open-vm-tools
#
#
# update Repositories
sudo apt-get update
#
# Add the Multiverse repository, needed for steam
sudo add-apt-repository multiverse
#
# Add the Mozilla Repository, needed to update firefox.
sudo add-apt-repository ppa:mozillateam/ppa -y
#
# Add the YT DLP Repository, added for downloading media online.
sudo add-apt-repository ppa:tomtomtom/yt-dlp -y
#
# Add the OBS Project repository, needed for OBS-Studios
sudo add-apt-repository ppa:obsproject/obs-studio -y
#
# Add the OpenShot repository, needed for openshot video editing
sudo add-apt-repository ppa:openshot.developers/ppa -y
#
# download the Software needed for the apt repository
#
# Download the Office Apps debian application for office apps on o365
wget http://sourceforge.net/projects/microsoftonlineapps/files/v1.0.0/microsoftonlineapps.deb/download -P ./Downloads/Microsoft
#
# Download new Chrome, for Chrome Browser on Linux
wget https://dl.google.com/linux/direct/google-chrome-stablecurrentamd64.deb -P ./Downloads
#
# Download Zoom for Linux
wget https://zoom.us/client/6.3.1.5673/zoom_amd64.deb -P ./Downloads
#
# update the packages and repository options for next installation steps.
sudo apt-get update
#
# Install the Apt Repo Applications
#
# Install the Application YT Downloader
sudo apt-get install yt-dlp -y
#
# Install the OSB Studios Application
sudo apt-get install obs-studio -y
#
# Install the Openshot video Editor Software
sudo apt-get install openshot-qt python3-openshot -y
#
# Install the Custom Downloaded Packages
#
# Install the Microsoft Office Apps Package for Linux
sudo dpkg -i ~/Downloads/Microsoft/download
#
# Install the Chrome Browser on Linux
sudo dpkg -i ~/Downloads/google-chrome-stable.deb
#
# Install Zoom on Linux
sudo dpkg -i ~/Downloads/zoom.deb
#
# Install the Snaps
#
# Install Microsoft Teams
sudo snap install teams-for-linux
#
# Install Slack for Linux
sudo snap install slack
#
# Install VLC Player on Linux
sudo snap install vlc
#
# Install the Discord application on Linux
sudo snap install discord
#
# Upgrade the packages to latest version
sudo apt-get update
sudo apt-get upgrade -y
#
# Cleanup all cached data, Low on drive space option.
# sudo apt-get clean
#
# Cleanup downloaded apt packages, Low on drive space option.
# rm -rf ./Downloads/*
#
# Fix any encountered errors, common issue on discord application for some reason..
sudo apt --fix-broken install -y
#
# Reboot the system
sudo reboot now
#
# You must reboot to install Steam, please grab the bellow line and install outside of this script.
#
#
# WARNING - Steam has a lot of dependencies and may cause issues with NIC and other drivers, make sure all updates are done and a reboot is complete before running install for steam.
# sudo apt-get update
# sudo apt-get upgrade -y
# sudo apt-get dist-upgrade -y
# sudo do-release-upgrade -y
# sudo apt-get install steam -y
#

Kali Video - 2/14/25
Application Name:dnsrecon -d nameofdomain.com

Output will provide deep troubleshooting details on DNS server or configuration.NOTE: This is for Website lookup or to troubleshoot your internal network, not designed for any illegal activity.

Raven Talon Debloater Tool - A full Dissection
Watch the breakdown on 2/25/25
!!!WARNING!!!
Before running the debloater scripts, make sure you have notepad++ and Firefox installed on your system. This was only tested on 24H2 as a clean build, use this at your own risk for pre-built systems.
This document contains the itemized process of cleaning up the bloat in stages, For a much easier process, use the Raven Talon "Debloater application" found on the Raven Git Website.
Please Donate to their project, it helps our tech community continue to develop free packages
Edge Pin Removal Script
Run the script as admin in Powershell and the Menu cleanup and
reboot afterwards:
------------------------------------------function Unpin-App([string]$appname) {
((New-Object -Com Shell.Application).NameSpace('shell:::{4234d49b-0245-4df3-b780-3893943456e1}').Items() |
?{$.Name -eq $appname}).Verbs() | ?{$.Name.replace('&','') -match 'Unpin from taskbar'} | %{$_.DoIt()}
}Unpin-App("Microsoft Edge")
Windows Menu Cleanup Windows 11
Run as admin in powershell or cmd, and reboot when completed.
---------------------------------------------reg add "HKCU\Software\Classes\CLSID{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve
REBOOT NOW
Microsoft Edge Removal Powershell Script
Run the following as a PS1 file as admin
if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
Write-Host "This script must be run with administrator rights!" -ForegroundColor Red
Break
}
Write-Host "Edge Vanisher started" -ForegroundColor Yellow
Write-Host "Starting Microsoft Edge uninstallation process..." -ForegroundColor YellowWrite-Host "Terminating Edge processes..." -ForegroundColor Cyan
$processes = Get-Process | Where-Object { $.Name -like "edge" }
if ($processes) {
$processes | ForEach-Object {
Write-Host "Terminated process: $($.Name) (PID: $($.Id))" -ForegroundColor Cyan
}
$processes | Stop-Process -Force -ErrorAction SilentlyContinue
} else {
Write-Host "No running Edge processes found." -ForegroundColor Cyan
}Write-Host "Uninstalling Edge with setup..." -ForegroundColor Cyan
$edgePath = "${env:ProgramFiles(x86)}\Microsoft\Edge\Application*\Installer etup.exe"
if (Test-Path $edgePath) {
Start-Process -FilePath $(Resolve-Path $edgePath) -ArgumentList "--uninstall --system-level --verbose-logging --force-uninstall" -Wait
}Write-Host "Removing Start Menu shortcuts..." -ForegroundColor Cyan
$startMenuPaths = @(
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk",
"$env:ALLUSERSPROFILE\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk"
)
foreach ($path in $startMenuPaths) {
if (Test-Path $path) {
Write-Host "Deleting: $path" -ForegroundColor Cyan
Remove-Item -Path $path -Force -ErrorAction SilentlyContinue
if (!(Test-Path $path)) {
Write-Host "Successfully deleted: $path" -ForegroundColor Green
} else {
Write-Host "Failed to delete: $path" -ForegroundColor Red
}
}
}Write-Host "Cleaning Edge folders..." -ForegroundColor Cyan
$edgePaths = @(
"$env:LOCALAPPDATA\Microsoft\Edge",
"$env:PROGRAMFILES\Microsoft\Edge",
"${env:ProgramFiles(x86)}\Microsoft\Edge",
"${env:ProgramFiles(x86)}\Microsoft\EdgeUpdate",
"${env:ProgramFiles(x86)}\Microsoft\EdgeCore",
"$env:LOCALAPPDATA\Microsoft\EdgeUpdate",
"$env:PROGRAMDATA\Microsoft\EdgeUpdate",
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk",
"$env:PUBLIC\Desktop\Microsoft Edge.lnk"
)
foreach ($path in $edgePaths) {
if (Test-Path $path) {
Write-Host "Cleaning: $path" -ForegroundColor Cyan
takeown /F $path /R /D Y | Out-Null
icacls $path /grant administrators:F /T | Out-Null
Remove-Item -Path $path -Recurse -Force -ErrorAction SilentlyContinue
}
}Write-Host "Cleaning Edge registry entries..." -ForegroundColor Cyan
$edgeRegKeys = @(
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge",
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update",
"HKLM:\SOFTWARE\Microsoft\EdgeUpdate",
"HKCU:\Software\Microsoft\Edge",
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msedge.exe",
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft EdgeUpdate",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft EdgeUpdate",
"HKLM:\SOFTWARE\Microsoft\Edge",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Edge",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update"
)
foreach ($key in $edgeRegKeys) {
if (Test-Path $key) {
Write-Host "Deleting registry key: $key" -ForegroundColor Cyan
Remove-Item -Path $key -Recurse -Force -ErrorAction SilentlyContinue
if (!(Test-Path $key)) {
Write-Host "Successfully deleted registry key: $key" -ForegroundColor Green
} else {
Write-Host "Failed to delete registry key: $key" -ForegroundColor Red
}
}
}$edgeUpdatePath = "${env:ProgramFiles(x86)}\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe"
if (Test-Path $edgeUpdatePath) {
Start-Process $edgeUpdatePath -ArgumentList "/uninstall" -Wait -ErrorAction SilentlyContinue
}$services = @(
"edgeupdate",
"edgeupdatem",
"MicrosoftEdgeElevationService"
)
foreach ($service in $services) {
Stop-Service -Name $service -Force -ErrorAction SilentlyContinue
sc.exe delete $service
}$edgeSetup = Get-ChildItem -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application*\Installer etup.exe" -ErrorAction SilentlyContinue
if ($edgeSetup) {
Start-Process $edgeSetup.FullName -ArgumentList "--uninstall --system-level --verbose-logging --force-uninstall" -Wait
}Stop-Process -Name explorer -Force -ErrorAction SilentlyContinue
Start-Process explorer
Write-Host "`nMicrosoft Edge uninstallation process completed!" -ForegroundColor GreenWrite-Host "Creating protective Edge folders..." -ForegroundColor Cyan
$protectiveFolders = @(
@{
Base = "${env:ProgramFiles(x86)}\Microsoft\Edge"
App = "${env:ProgramFiles(x86)}\Microsoft\Edge\Application"
CreateSubFolder = $true
},
@{
Base = "${env:ProgramFiles(x86)}\Microsoft\EdgeCore"
CreateSubFolder = $false
}
)
foreach ($folder in $protectiveFolders) {
# Create folders
New-Item -Path $folder.Base -ItemType Directory -Force | Out-Null
if ($folder.CreateSubFolder) {
New-Item -Path $folder.App -ItemType Directory -Force | Out-Null
}
Write-Host "Processing protective folder: $($folder.Base)" -ForegroundColor Cyan$currentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Namefolder only for EdgeCore
if (!$folder.CreateSubFolder) {
try {
$acl = New-Object System.Security.AccessControl.DirectorySecurity$acl.SetOwner([System.Security.Principal.NTAccount]$currentUser)
$acl.SetAccessRuleProtection($true, $false)including take ownership permission
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
$currentUser,
"FullControl,TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Allow"
)
$acl.AddAccessRule($accessRule)permission for SYSTEM, Administrators and Trusted Installer
$systemSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-18")
$adminsSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$trustedInstallerSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464")
$authenticatedUsersSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-11")$denyRule1 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$systemSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)$denyRule2 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$adminsSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule3 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$trustedInstallerSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule4 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$authenticatedUsersSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$acl.AddAccessRule($denyRule1)
$acl.AddAccessRule($denyRule2)
$acl.AddAccessRule($denyRule3)
$acl.AddAccessRule($denyRule4)Set-Acl $folder.Base $acl -ErrorAction Stop
Write-Host "Success: $($folder.Base)" -ForegroundColor Green
}
catch {
Write-Host "Error occurred: $($folder.Base) - $" -ForegroundColor Red
}
}
else {Get-ChildItem -Path $folder.Base -Recurse | ForEach-Object {
try {
$acl = New-Object System.Security.AccessControl.DirectorySecurity$acl.SetOwner([System.Security.Principal.NTAccount]$currentUser)$acl.SetAccessRuleProtection($true, $false)permission including take ownership permission
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
$currentUser,
"FullControl,TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Allow"
)
$acl.AddAccessRule($accessRule)$systemSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-18")
$adminsSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$trustedInstallerSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464")
$authenticatedUsersSid = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-11")$denyRule1 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$systemSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)$denyRule2 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$adminsSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule3 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$trustedInstallerSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$denyRule4 = New-Object System.Security.AccessControl.FileSystemAccessRule(
$authenticatedUsersSid,
"TakeOwnership,ChangePermissions",
"ContainerInherit,ObjectInherit",
"None",
"Deny"
)
$acl.AddAccessRule($denyRule1)
$acl.AddAccessRule($denyRule2)
$acl.AddAccessRule($denyRule3)
$acl.AddAccessRule($denyRule4)Set-Acl $.FullName $acl -ErrorAction Stop
Write-Host "Success: $($.FullName)" -ForegroundColor Green
}
catch {
Write-Host "Error occurred: $($.FullName) - $" -ForegroundColor Blue
}
}
}
}
Write-Host "Protective folders created and security settings configured for Edge and EdgeCore." -ForegroundColor Purple
NOTE: You will need to reboot after you run this.
Find your AppX Packages for your user
Run the following as a PS1 file as admin
mkdir c:\tools
Get-AppXPackage > C:\tools\AppXPackages.Log
Find your AppX Packages for Public Users
Run the following as a PS1 file as admin
mkdir c:\tools
Get-AppXPackage -allusers > C:\tools\AppXAllUsers.Log
Remove All AppX Packages from 24H2
Run the following as a PS1 file as admin
# Remove Applications HKCU (user Account)
Get-AppxPackage -name msteams | remove-appxpackage
Get-AppxPackage -name Microsoft.StorePurchaseApp | remove-appxpackage
Get-AppxPackage -name Microsoft.Todos | remove-appxpackage
Get-AppxPackage -name MicrosoftCorporationII.QuickAssist | remove-appxpackage
Get-AppxPackage -name Microsoft.YourPhone | remove-appxpackage
Get-AppxPackage -name Microsoft.XboxSpeechToTextOverlay | remove-appxpackage
Get-AppxPackage -name Microsoft.XboxGamingOverlay | remove-appxpackage
Get-AppxPackage -name Microsoft.Xbox.TCUI | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsSoundRecorder | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsFeedbackHub | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsCamera | remove-appxpackage
Get-AppxPackage -name Microsoft.Windows.Photos | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsCalculator | remove-appxpackage
Get-AppxPackage -name Microsoft.Windows.DevHome | remove-appxpackage
Get-AppxPackage -name Microsoft.WebpImageExtension | remove-appxpackage
Get-AppxPackage -name Microsoft.WebMediaExtensions | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftStickyNotes | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftSolitaireCollection | remove-appxpackage
Get-AppxPackage -name Microsoft.GetHelp | remove-appxpackage
Get-AppxPackage -name Microsoft.GamingApp | remove-appxpackage
Get-AppxPackage -name Microsoft.BingWeather | remove-appxpackage
Get-AppxPackage -name Microsoft.BingSearch | remove-appxpackage
Get-AppxPackage -name Microsoft.BingNews | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftEdge.Stable | remove-appxpackage
Get-AppxPackage -name Microsoft.Copilot | remove-appxpackage
Get-AppxPackage -name MicrosoftWindows.Client.WebExperience | remove-appxpackage
Get-AppxPackage -name Microsoft.zunemusic | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsStore | remove-appxpackage
Get-AppxPackage -name Microsoft.XboxIdentityProvider | remove-appxpackage
Get-AppxPackage -name Microsoft.ScreenSketch | remove-appxpackage
Get-AppxPackage -name Microsoft.WindowsAlarms | remove-appxpackage
Get-AppxPackage -name Microsoft.PowerAutomateDesktop | remove-appxpackage
Get-AppxPackage -name Microsoft.OutlookForWindows | remove-appxpackage
Get-AppxPackage -name Microsoft.MicrosoftOfficeHub | remove-appxpackage#Remove Applications HKLM (Public)
Get-AppxPackage -allusers -name Microsoft.MicrosoftOfficeHub | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.MicrosoftEdge.Stable | remove-appxpackage
Get-AppxPackage -allusers -name Clipchamp.Clipchamp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.BingNews | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.BingSearch | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.BingWeather | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.GamingApp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.GetHelp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.OutlookForWindows | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.PowerAutomateDesktop | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.ScreenSketch | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.StorePurchaseApp | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Todos | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WebpImageExtension | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WebMediaExtensions | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Windows.DevHome | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Windows.Photos | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsAlarms | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsFeedbackHub | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsSoundRecorder | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.WindowsStore | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Xbox.TCUI | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.XboxGamingOverlay | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.XboxIdentityProvider | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.XboxSpeechToTextOverlay | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.YourPhone | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.ZuneMusic | remove-appxpackage
Get-AppxPackage -allusers -name MicrosoftCorporationII.QuickAssist | remove-appxpackage
Get-AppxPackage -allusers -name MicrosoftWindows.Client.WebExperience | remove-appxpackage
Get-AppxPackage -allusers -name MicrosoftWindows.CrossDevice | remove-appxpackage
Get-AppxPackage -allusers -name MSTeams | remove-appxpackage
Get-AppxPackage -allusers -name Microsoft.Copilot | remove-appxpackage
REBOOT WHEN COMPLETED
Cleanup Task Scheduler 24H2
Run the following as a PS1 file as admin
Get-ScheduledTask -TaskPath "" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\AppID" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Application Experience" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\ApplicationData" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\AppListBackup" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\BrokerInfrastructure" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\capabilityaccessmanager" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\CloudExperienceHost" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\CloudRestore" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Offline Files" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\SystemRestore" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\XblGameSave\ " | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\DiskDiagnostic" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "Microsoft\Windows\Customer Experience Improvement program" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Feedback\Siuf" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Windows Error Reporting" | Disable-ScheduledTask
Get-ScheduledTask -TaskPath "\Microsoft\Windows\Maps" | Disable-ScheduledTask
NOTE: THERE'S a BUG AS SHOWN IN THE VIDEO
REBOOT WHEN COMPLETED
Remove Onedrive 24H2
Run the following as a PS1 file as admin
Get-Process | Where-Object { $.ProcessName -like "onedrive" } | Stop-Process -Force
if (Test-Path "$env:SystemRoot\SysWOW64\OneDriveSetup.exe") {
& "$env:SystemRoot\SysWOW64\OneDriveSetup.exe" /uninstall
} elseif (Test-Path "$env:SystemRoot\System32\OneDriveSetup.exe") {
& "$env:SystemRoot\System32\OneDriveSetup.exe" /uninstall
}@(
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk",
"$env:PUBLIC\Desktop\OneDrive.lnk",
"$env:USERPROFILE\Desktop\OneDrive.lnk",
"$env:USERPROFILE\OneDrive",
"$env:LOCALAPPDATA\Microsoft\OneDrive",
"$env:ProgramData\Microsoft\OneDrive",
"$env:SystemDrive\OneDriveTemp"
) | ForEach-Object { Remove-Item $ -Force -Recurse }@(
"HKCR:\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}",
"HKCR:\Wow6432Node\CLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6}",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
) | ForEach-Object { Remove-Item -Path $_ -Recurse -Force }Get-Process explorer | Stop-Process -Force
Start-Sleep -Seconds 2
Start-Process explorer
REBOOT WHEN COMPLETED
Remove Microsoft Office 24H2
Run the following as a PS1 file as admin
Get-Process | Where-Object { $.ProcessName -like "outlook" } | Stop-Process -Force
Start-Sleep -Seconds 3Get-AppxPackage Microsoft.Office.Outlook | Remove-AppxPackage
Get-AppxProvisionedPackage -Online | Where-Object {$.PackageName -like "Microsoft.Office.Outlook"} | Remove-AppxProvisionedPackage -Online
Get-AppxPackage Microsoft.OutlookForWindows | Remove-AppxPackage
Get-AppxProvisionedPackage -Online | Where-Object {$.PackageName -like "Microsoft.OutlookForWindows"} | Remove-AppxProvisionedPackage -Online$windowsAppsPath = "C:\Program Files\WindowsApps"
$outlookFolders = Get-ChildItem -Path $windowsAppsPath -Directory | Where-Object { $.Name -like "Microsoft.OutlookForWindows" }
foreach ($folder in $outlookFolders) {
$folderPath = Join-Path $windowsAppsPath $folder.Name
takeown /f $folderPath /r /d Y | Out-Null
icacls $folderPath /grant administrators:F /t | Out-Null
Remove-Item -Path $folderPath -Recurse -Force
}$shortcutPaths = @(
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Outlook.lnk",
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outlook.lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Outlook.lnk",
"$env:PUBLIC\Desktop\Outlook.lnk",
"$env:USERPROFILE\Desktop\Outlook.lnk",
"$env:PUBLIC\Desktop\Microsoft Outlook.lnk",
"$env:USERPROFILE\Desktop\Microsoft Outlook.lnk",
"$env:PUBLIC\Desktop\Outlook (New).lnk",
"$env:USERPROFILE\Desktop\Outlook (New).lnk",
"$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (New).lnk",
"$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Outlook (New).lnk"
)
$shortcutPaths | ForEach-Object { Remove-Item $_ -Force }
Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "ShowTaskViewButton" -Value 0 -Type DWord -Force$registryPaths = @(
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\TaskbarMRU",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\TaskBar",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
)
foreach ($path in $registryPaths) {
if (Test-Path $path) {
@("Favorites", "FavoritesResolve", "FavoritesChanges", "FavoritesRemovedChanges", "TaskbarWinXP", "PinnedItems") |
ForEach-Object { Remove-ItemProperty -Path $path -Name $_ -ErrorAction SilentlyContinue }
}
}Remove-Item "$env:LOCALAPPDATA\Microsoft\Windows\Shell\LayoutModification.xml" -Force
Remove-Item "$env:LOCALAPPDATA\Microsoft\Windows\Explorer\iconcache" -Force
Remove-Item "$env:LOCALAPPDATA\Microsoft\Windows\Explorer\thumbcache*" -ForceGet-Process explorer | Stop-Process -Force
Start-Sleep -Seconds 2
Start-Process explorer
REBOOT WHEN COMPLETED
Service Console Disable 24H2
Run the following as a bat file as admin
# Stops Xbox Accessory Integrations
sc config "xboxgipsvc" start=disabled
sc stop xboxgipsvc
# Stops Xbox Authentication Manager
sc config "XblAuthManager" start=disabled
sc stop XblAuthManager
# Stops Windows/Xbox Game Sync
sc config "XblGameSave" start=disabled
sc stop XblGameSave
# Stops Xbox Online sync
sc config "XboxNetApiSvc" start=disabled
sc stop XboxNetApiSvc
#stops Microsoft Account authentication
sc config "wlidsvc" start=disabled
sc stop wlidsvc
# Stops the AI Fabric Applications from connecting online
sc config "WSAIFabricSvc" start=disabled
sc stop WSAIFabricSvc
# Removes Syncing of all files accross all windows systems
sc config "workfolderssvc" start=disabled
sc stop workfolderssvc
# Removes Windows Store Push applications options
sc config "PushToInstall" start=disabled
sc stop PushToInstall
# Removes AI Camera options
sc config "perceptionsimulation" start=disabled
sc stop perceptionsimulation
# Disables Media Player File Share and Telemetery
sc config "WMPNetworkSvc" start=disabled
sc stop WMPNetworkSvc
# Removes the option for windows Insider Program to work
sc config "wisvc" start=disabled
sc stop wisvc
# Removes Windows Event Log access from online services from Microsoft.
sc config "Wecsvc" start=disabled
sc stop Wecsvc
# Disables remote camera access from 3rd party applications
sc config "FrameServer" start=disabled
sc stop FrameServer
# Disables Windows Hello, and removes biometric online data storage
sc config "WbioSrvc" start=disabled
sc stop WbioSrvc
# Disables Windows backup options
sc config "SDRSVC" start=disabled
sc stop SDRSVC
# Disables Wireless Docking Functions
sc config "WFDSConMgrSvc" start=disabled
sc stop WFDSConMgrSvc
# Removes Windows Wallet from storing financial data on microsoft servers
sc config "WalletService" start=disabled
sc stop WalletService
# Disables backups, system restore and data recovery methods.
sc config "VSS" start=disabled
sc stop VSS
# Disables access to user data for online roaming profiles.
sc config "UevAgentService" start=disabled
sc stop UevAgentService
# Provides online access to event logs
sc config "SNMPTrap" start=disabled
sc stop SNMPTrap
# Disables Smartcard access
sc config "SCPolicySvc" start=disabled
sc stop SCPolicySvc
# Disables Smartcard API access
sc config "ScDeviceEnum" start=disabled
sc stop ScDeviceEnum
# Disables Smart card reader
sc config "SCardSvr" start=disabled
sc stop SCardSvr
# Sets the lighting settings for monitors on bright or dim lighting.
sc config "SensrSvc" start=disabled
sc stop SensrSvc
# Removes System Demo Mode option
sc config "RetailDemo" start=disabled
sc stop RetailDemo
# Allows remote access to system without authentication
sc config "RasAuto" start=disabled
sc stop RasAuto
# Automatic Windows Help Services
sc config "TroubleshootingSvc" start=disabled
sc stop TroubleshootingSvc
# Automatic Data reporting (troubleshooting and Help)
sc config "wercplsupport" start=disabled
sc stop wercplsupport
# Used for stylus and touch screens.
sc config "PenService" start=disabled
sc stop PenService
sc config "PenService3395a" start=disabled
sc stop PenService3395a
# Parental Controls
sc config "WpcMonSvc" start=disabled
sc stop WpcMonSvc
# Unknown Plan9 Server Services, only aware of this in Bell Labs 1980s.
sc config "P9RdrService" start=disabled
sc stop P9RdrService
sc config "P9RdrService3395a" Start=disabled
sc stop P9RdrService3395a
# Disables offline file sync
sc config "CscService" start=disabled
sc stop CscService
# Location Awareness Service
sc config "NaturalAuthentication" start=disabled
sc stop NaturalAuthentication
# Microsoft Store Installation Automatic updater service
sc config "InstallService" start=disabled
sc stop InstallService
# Edge Disable Service
sc config "edgeupdatem" start=disabled
sc stop edgeupdatem
# More Edge stuff
sc config "edgeupdate" start=disabled
sc stop edgeupdate
# Engless Edge Garbage
sc config "MicrosoftEdgeElevationService" start=disabled
sc stop MicrosoftEdgeElevationService
# MS Cloud authentication and access
sc config "cloudidsvc" start=disabled
sc stop cloudidsvc
# MS Text messaging recording app
sc config "MessagingService" start=disabled
sc config "MessagingService3395a" start=disabled
sc config "DeviceAssociationBrokerSvc3395a" start=disabled
sc stop MessagingService
sc stop DeviceAssociationBrokerSvc3395a
sc stop MessagingService3395a
# Desktop Sharing Application
sc config "BcastDVRUserServic" start=disabled
sc stop BcastDVRUserService
sc config "BcastDVRUserService3395a" start=disabled
sc stop BcastDVRUserService3395a
# Network Device discovery services
sc config "DevQueryBroker" start=disabled
sc stop DevQueryBroker
# Miracast Services
sc config "DevicePickerUserSvc" start=disabled
sc config "DevicePickerUserSvc3395a" start=disabled
sc stop DevicePickerUserSvc3395a
sc stop DevicePickerUserSvc
# Automatic Credential Broker service
sc config "CredentialEnrollmentManagerUserSvc" start=disabled
sc config "CredentialEnrollmentManagerUserSvc3395a" start=disabled
sc stop CredentialEnrollmentManagerUserSvc3395a
sc stop CredentialEnrollmentManagerUserSvcacd8f
# Allows Apps from the internet to access device location services
sc config "ConsentUxUserSvc" start=disabled
sc stop ConsentUxUserSvc
# Allows Apps from the internet to access device location services
sc config "ConsentUxUserSvc3395a" start=disabled
sc stop ConsentUxUserSvc3395a
# disables Device api flow for user sync data with microsoft
sc config "DevicesFlowUserSvc3395a" start=disabled
sc stop DevicesFlowUserSvc3395a
# Disables Capture service for screen scaping access from microsoft
sc config "CaptureService3395a" start=disabled
sc stop CaptureService3395a
# disables Onedrive sync service
sc config "OneSyncSvc3395a" start=disabled
sc stop OneSyncSvc_3395a
# disables Touch screen settings
sc config "TextInputManagementService" start=disabled
sc stop TextInputManagementService
NOTE: Certain Services with wildcards will need the second part of this script to be disabled.
24H2 Service Wildcard Disable
Run the following as a PS1 file as admin
get-service onesyncsvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service CaptureService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service DevicesFlowUserSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service CredentialEnrollmentManagerUserSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service DevicePickerUserSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service BcastDVRUserService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service DeviceAssociationBrokerSvc* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service MessagingService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service P9RdrService* | Stop-Service -Force | Set-Service -StartupType Disabled
get-service PenService* | Stop-Service -Force | Set-Service -StartupType Disabled
REBOOT WHEN COMPLETED
GROUP POLICY CONFIGURATIONS
WILL BE RELEASED IN PART 2 OF TALON SCRIPT VIDEO
How to use your Mint System as a daily Driver office computer

Software Found in this video is located in Linux-Software Link
Step 1: Install all the updates and reboot
sudo apt update
sudo apt upgrade -y
Step 2: Download and install the Software shown in video
Step 3: Install the Mail Client Evolution
sudo apt install evolution
sudo apt install evolution-ews
sudo apt install update
sudo reboot now
How to configure O365 on Evolution Mail
Cross Over - Running EXE's on Linux Debian Based Systems
Coming 3/4/25
Bazzite - The knock-off SteamOS Gaming Platform for Amazon Handhelds
Coming 3/6/25
Garuda OS - The Arch Flavored Linux Gaming Platform
Coming 3/11/25
How to use Remote Desktop on Ubuntu and Mint?
Coming 3/18/25
Commands to Install Xrdp on Mint
sudo apt update
sudo apt upgrade -y
sudo apt install xrdp
sudo systemctl enable xrdp
sudo ufw allow 3389
sudo reboot now
How to Install a Free WIFI Heat Mapper on Ubuntu
Coming 3/25/25
Scripts to install Heatmapper
BASH SCRIPT NUMBER 1
#!/bin/sh
# Welcome to Part 1 of the GenericTechSupport Youtube Channel Script for setting up a heat mapper on Linux Mint Version 24.sudo apt update
sudo apt upgrade -y
sudo swapoff -a
sudo fallocate -l 8G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo reboot now
#
BASH SCRIPT NUMBER 2
#!/bin/sh
# Welcome to Part 2 of the GenericTechSupport Youtube Channel Script for setting up a heat mapper on UBUNTU Version 24.sudo apt install net-tools -y
sudo apt install python3-tk -y
sudo apt install python3-pip -y
sudo apt install python3-pil -y
sudo apt install speedtest-cli -y
sudo apt install python3-pil python3-pil.imagetk -y
sudo apt install iw -y
sudo apt install curl -y
sudo snap install tqdm
sudo snap install wireless-tools
sudo snap install speedtest
sudo reboot now
#
BASH SCRIPT NUMBER 3
#!/bin/sh
# Welcome to Part 3 of the GenericTechSupport Youtube Channel Script for setting up a heat mapper on UBUNTU Version 24.sudo pip3 install numpy --break-system-packages
sudo pip3 install matplotlib --break-system-packages
sudo pip3 install whm --break-system-packages
sudo pip3 install scipy --break-system-packages
sudo pip3 install pysimpleGUI --break-system-packages
sudo pip3 install speedtest_cli --break-system-packages
sudo dpkg -s wireless-tools
curl -s https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.deb.sh | sudo bash
sudo python3 -m pip install --force-reinstall --extra-index-url https://PySimpleGUI.net/install PySimpleGUI --break-system-packages
#
COMMON ERRORS
In some cases you may seePySimpleGUI is now located on a private PyPI server. Please add to your pip command: -i https://PySimpleGUI.net/installThe version you just installed should uninstalled:
python -m pip uninstall PySimpleGUI
python -m pip cache purge
Then install the latest from the private server:
python -m pip install --upgrade --extra-index-url https://PySimpleGUI.net/install PySimpleGUI
You can also force a reinstall using this command and it'll install the latest regardless of what you have installed currently
python -m pip install --force-reinstall --extra-index-url https://PySimpleGUI.net/install PySimpleGUIUse python3 command if you're running on the Mac or Linux
Traceback (most recent call last):
File "/usr/local/bin/whm", line 5, in <module>
from wifiheatmapper.main import driver
File "/usr/local/lib/python3.12/dist-packages/wifiheatmapper/main.py", line 3, in <module>
from wifiheatmapper.gui import startgui
File "/usr/local/lib/python3.12/dist-packages/wifiheatmapper/gui.py", line 5, in <module>
from wifiheatmapper.graph import generategraph
File "/usr/local/lib/python3.12/dist-packages/wifiheatmapper/graph.py", line 5, in <module>
import matplotlib.pyplot as plt
ModuleNotFoundError: No module named 'matplotlib'
HOW TO FIX
Here's the commands to repair this:sudo python3 -m pip install --force-reinstall --extra-index-url https://PySimpleGUI.net/install PySimpleGUI --break-system-packages
HOW TO RUN IT
Here's the commands to run this:whm bootstrap --config NameTheNetworkYouAreTesting.json
Accept the 30 Day Trial:
NOTE: You can get a free license as a hobbyist, but if this is for commercial work, please pay the 99.99 fee.

Run this command again:whm bootstrap --config NameTheNetworkYouAreTesting.json
IF YOU GET THIS ERROR
Found existing installation: kiwisolver 0.0.0
ERROR: Cannot uninstall kiwisolver 0.0.0, RECORD file not found. Hint: The package was installed by debian.TYPE THIS AS YOUR FIXpip3 install kiwisolver --force-reinstall --break-system-packagesNOTE: THIS ERROR IS DUE TO FAULTY WIFI NIC DRIVERS, IF YOU SEE THIS, THIS WILL NOT WORK CORRECTLY
FINALLY Run this command again:whm bootstrap --config NameTheNetworkYouAreTesting.json
YOU WILL GET THIS OUTPUT

OPEN ANOTHER TERMINAL

INTERFACE NAME
The interface name is the name listed to the left, you will need to grab that name, and enter it (Case Sensitive) into the other box, that interface should be your Wifi-Interface and press Enter.
Command: ifconfig
When prompted, click on Y for Yes to confirm the Adapter

When prompted, Enter No More than 2 for the number of passes.

Enter ALL When Prompted

Now create a rough diagram of the home, or office, and save it as a JPG file, I used PAINT on windows to do this, and it worked fine

Command to HeatMap
whm benchmark -m LivesInBox.jpg -c /home/user/home.json
SPECIAL NOTE
All videos are shot with VmWare Workstation Paid, however.. The Heat Mapper will only work on VirtualBox, Using VMware will cause you to use the Open-Vm Drivers for Ubuntu, which DO NOT WORK for heat mapping. If you need to run this virtual on a windows box, it will work, but you MUST use virtual box.