Short8.3 Filenames, but
LongPathnames
Short8.3 filenames are a (completely superfluous) cruft from the past of MS-DOS …
Windows PE
Setup.exe /NoReboot FSUtil.exe 8Dot3Name Set ‹drive letter›: 1 FSUtil.exe 8Dot3Name Strip /F /S ‹drive letter›:\FSUtil 8dot3Name
The length limitation of pathnames to
MAX_PATH
= 260 characters is another cruft
from the past …
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
"LongPathsEnabled"=dword:00000001
MSDN article
Naming Files, Paths, and Namespaces
…
(protected) administratorto
standard user. …
"%SystemRoot%\System32\Net.exe" USER Administrator /Active:Yes /PasswordReq:Yes "%SystemRoot%\System32\Net.exe" LOCALGROUP Administrators "%USERNAME%" /Delete "%SystemRoot%\System32\Net.exe" LOCALGROUP Users "%USERNAME%" /AddNo qUACkery any more: disable silent (automatic) elevation in the
(protected) administratoraccount created during Windows Setup, and disable elevation in (unprivileged)
standarduser accounts, as documented in the TechNet article UAC Group Policy Settings and Registry Key Settings:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000000
Block (unprivileged) standarduser accounts from logging on in
Safe Mode, as documented in the MSKB article 977542:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"SafeModeBlockNonAdmins"=dword:00000001
Separate the system’s user-writable (shared) TEMPdirectory
%SystemRoot%\Temp\
from that of the
NT AUTHORITY\SYSTEM
alias
LocalSystem
user account:
MkDir "%SystemRoot%\System32\Config\SystemProfile\AppData\Local\Temp" If Exist "%SystemRoot%\SysWoW64\Config\SystemProfile" MkDir "%SystemRoot%\SysWoW64\Config\SystemProfile\AppData\Local\Temp" "%SystemRoot%\System32\SetX.exe" TEMP "%%USERPROFILE%%\AppData\Local\Temp" /M "%SystemRoot%\System32\SetX.exe" TMP "%%USERPROFILE%%\AppData\Local\Temp" /MSet the attributes
hidden,
read-onlyand
systemon the system’s (shared)
Tempdirectory
%SystemRoot%\Temp\
to prevent
File Explorer from trying to
perform the permanent damage documented in the
MSKB
article
950934:
"%SystemRoot%\System32\Attrib.exe" +H +R +S "%SystemRoot%\Temp"
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftAccount]
"DisableUserAuth"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\WinTrust\Config]
"EnableCertPaddingCheck"="1"
CAVEAT: on 64-bit systems this registry entry
must be set in the 32-bit registry branch too!
"%SystemRoot%\System32\Reg.exe" ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\WinTrust\Config" /V "EnableCertPaddingCheck" /T REG_SZ /D "1" /F /REG:64 "%SystemRoot%\System32\Reg.exe" ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\WinTrust\Config" /V "EnableCertPaddingCheck" /T REG_SZ /D "1" /F /REG:32MSKB articles 147706 239869, 272129 305379 820281 823659, 954387 960859, 968389 973811 and 2793313, plus the TechNet article Configuring Additional LSA Protection
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA]
; Disable insecure 'LAN Manager' authentication
; 0: send LM and NTLMv1 responses; never use NTLMv2 security
; 1: send LM and NTLMv1 responses; use NTLMv2 if negotiated
; 2: send NTLMv1 response only
; 3: send NTLMv2 response only; still accept both LM and NTLMv1 challenges
; 4: send NTLMv2 response only; refuse LM challenge, accept both NTLMv1 and NTLMv2 challenges
; 5: send NTLMv2 response only; refuse LM and NTLMv1 challenges, accept NTLMv2 challenge only
"LMCompatibilityLevel"=dword:00000005
"NoLMHash"=dword:00000001
"RunAsPPL"=dword:00000001
MSKB
article
2264107
and the MSDN
article
NeedCurrentDirectoryForExePath()
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"CWDIllegalInDLLSearch"=dword:ffffffff
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"NoDefaultCurrentDirectoryInExePath"="*"
See the MSDN article Windows components installed on demand for details.
On 32-bit editions, create the Registry entries
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat]
"VDMDisallowed"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WoW]
"DisallowedPolicyDefault"=dword:00000001
to disable the
NTVDM
subsystem for 16-bit applications.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
; 00000020 ; SSL 3.0
; 00000080 ; TLS 1.0
; 00000200 ; TLS 1.1
; 00000800 ; TLS 1.2
; 00002000 ; TLS 1.3
"SecureProtocols"=dword:00002a00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.3\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.3\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo]
"DisabledByGroupPolicy"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge]
"AlternateErrorPagesEnabled"=dword:00000000
"HubsSidebarEnabled"=dword:00000000
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowCortanaButton"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search]
"AllowCortana"=dword:00000000
"AllowSearchToUseLocation"=dword:00000000
"BingSearchEnabled"=dword:00000000
"ConnectedSearchPrivacy"=dword:00000003
"ConnectedSearchUseWeb"=dword:00000000
"ConnectedSearchUseWebOverMeteredConnections"=dword:00000000
"CortanaConsent"=dword:00000000
"DisableWebSearch"=dword:00000001
"SearchBoxTaskbarMode"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search]
"AllowCortana"=dword:00000000
"ConnectedSearchUseWeb"=dword:00000000
"ConnectedSearchUseWebOverMeteredConnections"=dword:00000000
"DisableWebSearch"=dword:00000001
"EnableDynamicContentInWSB"=dword:00000000
Unless you definitively want to use
OneDrive and store your personal documents on other
people’s servers, create the Registry entries
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OneDrive]
"PreventNetworkTrafficPreUserSignIn"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\OneDrive]
"DisableFileSync"=dword:00000001
"DisableFileSyncNGSC"=dword:00000001
"DisableLibrariesDefaultSaveToOneDrive"=dword:00000001
"DisableMeteredNetworkFileSync"=dword:00000001
Delete %SystemRoot%\System32\OneDriveSetup.exe
on
32-bit systems respectively
%SystemRoot%\SysWoW64\OneDriveSetup.exe
on 64-bit
systems before the first user login to prevent the installation of
the OneDrive Client in every user
profile (where it is unprotected against tampering and can be
overwritten).
Additionally run the command lines
"%SystemRoot%\System32\Reg.exe" LOAD "HKEY_USERS\DEFAULT" "%SystemDrive%\Users\Default\NTUSER.DAT" "%SystemRoot%\System32\Reg.exe" DELETE "HKEY_USERS\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /V "OneDriveSetup" /F "%SystemRoot%\System32\Reg.exe" UNLOAD "HKEY_USERS\DEFAULT"to remove the registry entry that starts the installation program from the
Default
user’s registry hive.
Unless you definitively want to use the Malicious Software Removal Tool, create the Registry entries
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT]
"DontOfferThroughWUAU"=dword:00000001
"DontReportInfectionInformation"=dword:00000001
to block its automatic monthly (re)installation via
Windows Update and disable its reporting feature, as
documented in the
MSKB
articles
890830
and
891716.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
;"ActiveHoursStart"=dword:00000000
;"ActiveHoursEnd"=dword:00000017
"SetActiveHours"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"AUOptions"=dword:00000005
"IncludeRecommendedUpdates"=dword:00000000
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
Disable automatic installation of suggested Appsand
Windows App Store Suggestions:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager]
"ContentDeliveryAllowed"=dword:00000000
"FeatureManagementEnabled"=dword:00000000
"OEMPreInstalledAppsEnabled"=dword:00000000
"PreInstalledAppsEnabled"=dword:00000000
"PreInstalledAppsEverEnabled"=dword:00000000
"SilentInstalledAppsEnabled"=dword:00000000
"SoftLandingEnabled"=dword:00000000
"SubscribedContentEnabled"=dword:00000000
"SubscribedContent-310093Enabled"=dword:00000000
"SubscribedContent-338387Enabled"=dword:00000000
"SubscribedContent-338388Enabled"=dword:00000000
"SubscribedContent-338389Enabled"=dword:00000000
"SubscribedContent-338393Enabled"=dword:00000000
"SystemPaneSuggestionsEnabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent]
"DisableWindowsConsumerFeatures"=dword:00000001
Disable Online Help & Tips in the
Immersive Control Panel and the
News & Interests icon on the Taskbar:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"AllowOnlineTips"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds]
"EnableFeeds"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Feeds]
"ShellFeedsTaskbarViewMode"=dword:00000002
Disable Fast Startup:
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]
"HiberBootEnabled"=dword:00000000
Disable automatic login after reboot:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableAutomaticRestartSignOn"=dword:00000001
Disable search results from the Internet:
REGEDIT4
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer]
"DisableSearchBoxSuggestions"=dword:00000001
Disable creation of desktop icon for Edge Chromium:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeUpdate]
"CreateDesktopShortcutDefault"=dword:00000000
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore]
"AutoDownload"=dword:00000002
"DisableStoreApps"=dword:00000001
"RemoveWindowsStore"=dword:00000001
"%SystemRoot%\System32\DISM.exe" /Online /Get-ProvisionedAppxPackages /Format:Table | "%SystemRoot%\System32\FindStr.exe" /B /C:"PackageName: " 1>"%SystemRoot%\Setup\Scripts\SetupComplete.tmp" For /F "Tokens=2 UseBackQ" %%? In ("%SystemRoot%\Setup\Scripts\SetupComplete.tmp") Do "%SystemRoot%\System32\DISM.exe" /Online /Remove-ProvisionedAppxPackage /PackageName:%%?
REGEDIT4
; Disable (re)installation of (de)provisioned 'Apps'
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.3DBuilder_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.549981C3F5F10_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.BingWeather_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.GetHelp_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Getstarted_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.HEIFImageExtension_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Messaging_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MixedReality.Portal_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MSPaint_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Office.OneNote_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.OneConnect_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Outlook.DesktopIntegrationServices_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.People_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Print3D_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.ScreenSketch_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.SkypeApp_kzf8qxf38zg5c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.StorePurchaseApp_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.VCLibs.140.00_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.VP9VideoExtensions_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Wallet_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WebMediaExtensions_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WebpImageExtension_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Windows.Photos_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsAlarms_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsCalculator_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsCamera_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsMaps_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsStore_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Xbox.TCUI_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxApp_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxGameOverlay_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxIdentityProvider_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxSpeechToTextOverlay_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.YourPhone_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.ZuneMusic_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.ZuneVideo_8wekyb3d8bbwe]
REGEDIT4
[HKEY_CLASSES_ROOT\.acm]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.ax]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.cab]
"Content Type"="application/vnd.ms-cab-compressed"
[HKEY_CLASSES_ROOT\.com]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.cpl]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.dll]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.drv]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.efi]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.exe]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.ime]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.mui]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.msu]
"Content Type"="application/vnd.ms-cab-compressed"
[HKEY_CLASSES_ROOT\.ocx]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.scr]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.sys]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\.tsp]
"Content Type"="application/vnd.microsoft.portable-executable"
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-1]
"CodePage"=dword:00006FAF ; 28591
"InternetEncoding"=dword:00006FAF
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-2]
"CodePage"=dword:00006FB0 ; 28592
"InternetEncoding"=dword:00006FB0
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-3]
"CodePage"=dword:00006FB1 ; 28593
"InternetEncoding"=dword:00006FB1
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-4]
"CodePage"=dword:00006FB2 ; 28594
"InternetEncoding"=dword:00006FB2
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-5]
"CodePage"=dword:00006FB3 ; 28595
"InternetEncoding"=dword:00006FB3
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-6]
"CodePage"=dword:00006FB4 ; 28596
"InternetEncoding"=dword:00006FB4
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-7]
"CodePage"=dword:00006FB5 ; 28597
"InternetEncoding"=dword:00006FB5
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-8]
"CodePage"=dword:00006FB6 ; 28598
"InternetEncoding"=dword:00006FB6
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-9]
"CodePage"=dword:00006FB7 ; 28599
"InternetEncoding"=dword:00006FB7
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-10]
"CodePage"=dword:00006FB8 ; 28600
"InternetEncoding"=dword:00006FB8
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-11]
"AliasForCharSet"=-
"CodePage"=dword:00006FB9 ; 28601
"InternetEncoding"=dword:00006FB9
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-12]
"CodePage"=dword:00006FBA ; 28602
"InternetEncoding"=dword:00006FBA
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-13]
"CodePage"=dword:00006FBB ; 28603
"InternetEncoding"=dword:00006FBB
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-14]
"CodePage"=dword:00006FBC ; 28604
"InternetEncoding"=dword:00006FBC
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-15]
"CodePage"=dword:00006FBD ; 28605
"InternetEncoding"=dword:00006FBD
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\iso-8859-16]
"CodePage"=dword:00006FBE ; 28606
"InternetEncoding"=dword:00006FBE
[HKEY_CLASSES_ROOT\MIME\DataBase\CharSet\windows-1254]
"AliasForCharSet"=-
"CodePage"=dword:000004E6 ; 1254
"InternetEncoding"=dword:000004E6
[HKEY_CLASSES_ROOT\MIME\DataBase\Content Type\application/vnd.microsoft.portable-executable]
;"Extension"=".exe"
[HKEY_CLASSES_ROOT\MIME\DataBase\Content Type\application/vnd.ms-cab-compressed]
;"Extension"=".cab"
REGEDIT4
; Copyright © 2004-2023, Stefan Kanthak <stefan.kanthak@nexgo.de>
[HKEY_CLASSES_ROOT\MSI.Package\Shell\RunAs]
"HasLUAShield"=""
"MUIVerb"="@C:\\Windows\\System32\\MSIMsg.dll,-36"
[HKEY_CLASSES_ROOT\MSI.Package\Shell\RunAs\Command]
@="C:\\Windows\\System32\\MSIExec.exe /I \"%L\" %*"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAs]
"HasLUAShield"=""
"MUIVerb"="@C:\\Windows\\System32\\MSIMsg.dll,-39"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAs\Command]
@="C:\\Windows\\System32\\MSIExec.exe /P \"%L\" %*"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAsUser]
@="@C:\\Windows\\System32\\Shell32.dll,-50944"
;@="@C:\\Windows\\System32\\TWinUI.dll,-8502" ; �
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAsUser\Command]
"DelegateExecute"="{EA72D00E-4960-42FA-BA92-7792A7944C1D}"
REGEDIT4
[HKEY_CLASSES_ROOT\.bmp]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.bmp\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.dib]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.dib\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.gif]
@="PhotoViewer.FileAssoc.GIF"
[HKEY_CLASSES_ROOT\.gif\OpenWithProgIDs]
"PhotoViewer.FileAssoc.GIF"=hex(0):
[HKEY_CLASSES_ROOT\.ico]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.ico\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.jfif]
@="PhotoViewer.FileAssoc.JFIF"
[HKEY_CLASSES_ROOT\.jfif\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JFIF"=hex(0):
[HKEY_CLASSES_ROOT\.jpe]
@="PhotoViewer.FileAssoc.JPEG"
[HKEY_CLASSES_ROOT\.jpe\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JPEG"=hex(0):
[HKEY_CLASSES_ROOT\.jpeg]
@="PhotoViewer.FileAssoc.JPEG"
[HKEY_CLASSES_ROOT\.jpeg\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JPEG"=hex(0):
[HKEY_CLASSES_ROOT\.jpg]
@="PhotoViewer.FileAssoc.JPEG"
[HKEY_CLASSES_ROOT\.jpg\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JPEG"=hex(0):
[HKEY_CLASSES_ROOT\.png]
@="PhotoViewer.FileAssoc.PNG"
[HKEY_CLASSES_ROOT\.png\OpenWithProgIDs]
"PhotoViewer.FileAssoc.PNG"=hex(0):
[HKEY_CLASSES_ROOT\.rle]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.rle\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.tif]
@="PhotoViewer.FileAssoc.TIFF"
[HKEY_CLASSES_ROOT\.tif\OpenWithProgIDs]
"PhotoViewer.FileAssoc.TIFF"=hex(0):
[HKEY_CLASSES_ROOT\.tiff]
@="PhotoViewer.FileAssoc.TIFF"
[HKEY_CLASSES_ROOT\.tiff\OpenWithProgIDs]
"PhotoViewer.FileAssoc.TIFF"=hex(0):
[HKEY_CLASSES_ROOT\.wdp]
@="PhotoViewer.FileAssoc.WDP"
[HKEY_CLASSES_ROOT\.wdp\OpenWithProgIDs]
"PhotoViewer.FileAssoc.WDP"=hex(0):
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Print\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Print\DropTarget]
"CLSID"="{60FD46DE-F830-4894-A628-6FA81BC0190D}"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\SupportedTypes]
".bmp"=""
".dib"=""
".gif"=""
".ico"=""
".jfif"=""
".jpe"=""
".jpeg"=""
".jpg"=""
".png"=""
".rle"=""
".tif"=""
".tiff"=""
".wdp"=""
[HKEY_CLASSES_ROOT\icofile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\icofile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\icofile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\jpegfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\jpegfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\jpegfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\pjpegfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\pjpegfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\pjpegfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\pngfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\pngfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\pngfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\wdpfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\wdpfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\wdpfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\Paint.Picture\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\Paint.Picture\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\Paint.Picture\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\TIFImage.Document\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\TIFImage.Document\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\TIFImage.Document\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap]
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3056"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-70"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF]
"EditFlags"=dword:00010000
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3055"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-71"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF]
"EditFlags"=dword:00010000
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3055"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-72"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG]
"EditFlags"=dword:00010000
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3055"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-72"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG]
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3057"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-71"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF]
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3058"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-122"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP]
"EditFlags"=dword:00010000
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\DefaultIcon]
@="C:\\Windows\\System32\\WMPhoto.dll,-400"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\SystemFileAssociations\.bmp\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.dib\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.gif\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.ico\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jfif\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jpe\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jpeg\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jpg\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.png\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.rle\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.tif\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.tiff\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.wdp\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Print\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Print\DropTarget]
"CLSID"="{60FD46DE-F830-4894-A628-6FA81BC0190D}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities]
"ApplicationDescription"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3069"
"ApplicationName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3009"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities\FileAssociations]
".bmp"="PhotoViewer.FileAssoc.BitMap"
".dib"="PhotoViewer.FileAssoc.BitMap"
".gif"="PhotoViewer.FileAssoc.GIF"
".ico"="PhotoViewer.FileAssoc.BitMap"
".jfif"="PhotoViewer.FileAssoc.JFIF"
".jpe"="PhotoViewer.FileAssoc.JPEG"
".jpeg"="PhotoViewer.FileAssoc.JPEG"
".jpg"="PhotoViewer.FileAssoc.JPEG"
".png"="PhotoViewer.FileAssoc.PNG"
".rle"="PhotoViewer.FileAssoc.BitMap"
".tif"="PhotoViewer.FileAssoc.TIFF"
".tiff"="PhotoViewer.FileAssoc.TIFF"
".wdp"="PhotoViewer.FileAssoc.WDP"
Appslike Outlook for Windows during the OoBE phase:
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\Orchestrator\UScheduler_Oobe\DevHomeUpdate]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\Orchestrator\UScheduler_Oobe\EdgeUpdate]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\Orchestrator\UScheduler_Oobe\OutlookUpdate]
SetupComplete.cmd
The batch script
SetupComplete.cmd
is executed during installation of Windows Vista and
later versions after the second reboot, between the
Specialize
and the
OoBE phase;
it runs (invisible) under the
NT AUTHORITY\SYSTEM
alias
LocalSystem
user account.
Rem Copyright © 2009-2023, Stefan Kanthak <stefan.kanthak@nexgo.de>
Rem Prevent accidental execution
If Not "%USERNAME%" == "SYSTEM" Exit /B
If /I Not "%USERPROFILE%" == "%SystemRoot%\System32\Config\SystemProfile" Exit /B
If /I Not "%~f0" == "%SystemRoot%\Setup\Scripts\SetupComplete.cmd" Exit /B
Call :REDIRECT %* 0<NUL: 1>"%SystemRoot%\Setup\Scripts\SetupComplete.out" 2>"%SystemRoot%\Setup\Scripts\SetupComplete.err"
Exit /B
:REDIRECT
…
Rem Private 'TEMP' directory for 'LocalSystem' user account
If /I "%TEMP%" == "%SystemRoot%\Temp" (
"%SystemRoot%\System32\SetX.exe" TEMP "%%USERPROFILE%%\AppData\Local\Temp" /M
"%SystemRoot%\System32\SetX.exe" TMP "%%USERPROFILE%%\AppData\Local\Temp" /M
MkDir "%SystemRoot%\System32\Config\SystemProfile\AppData\Local\Temp"
If Exist "%SystemRoot%\SysWoW64\Config\SystemProfile" MkDir "%SystemRoot%\SysWoW64\Config\SystemProfile\AppData\Local\Temp"
)
…
Rem Disable builtin 'Guest' user account
"%SystemRoot%\System32\Net.exe" USER Guest /Active:No
Rem Enable builtin 'Administrator' user account and set random password
Rem (https://support.microsoft.com/en-us/kb/251394)
"%SystemRoot%\System32\Net.exe" USER Administrator /Active:Yes /FullName:"Stefan Kanthak" /PasswordReq:Yes /Random
…
Rem Disable offer for permanent ACL change on inaccessible directories in 'File Explorer'
Rem (https://support.microsoft.com/en-us/kb/950934)
For %%? In ("%SystemRoot%\Security\Audit"
"%SystemRoot%\ServiceProfiles\LocalService"
"%SystemRoot%\ServiceProfiles\NetworkService"
"%SystemRoot%\Temp") Do "%SystemRoot%\System32\Attrib.exe" +H +R +S "%%?"
…
Rem Remove 'Provisioned Apps'
"%SystemRoot%\System32\DISM.exe" /Online /Get-ProvisionedAppxPackages /Format:Table | "%SystemRoot%\System32\FindStr.exe" /B /C:"PackageName: " 1>"%SystemRoot%\Setup\Scripts\SetupComplete.tmp"
For /F "Tokens=2 UseBackQ" %%? In ("%SystemRoot%\Setup\Scripts\SetupComplete.tmp") Do "%SystemRoot%\System32\DISM.exe" /Online /Remove-ProvisionedAppxPackage /PackageName:%%?
…
Rem Remove 'Edge Chromium'
Rem If Defined ProgramFiles(x86) (For /R "%ProgramFiles(x86)%\Microsoft\Edge\Application" %%? In (Setup?.Exe) Do Set SETUP=%%~?) Else (For /R "%ProgramFiles%\Microsoft\Edge\Application" %%? In (Setup?.Exe) Do Set SETUP=%%~?)
Rem If Defined SETUP "%SETUP%" --force-uninstall --system-level --uninstall --verbose-logging
…
Rem Move 'Network Database'
MkDir "%ProgramData%\Microsoft\Network\Database"
Move "%SystemRoot%\System32\Drivers\Etc\*" "%ProgramData%\Microsoft\Network\Database"
For %%! In ("%ProgramData%\Microsoft\Network\Database\*") Do @(
For /D /R "%SystemRoot%\WinSxS" %%? In (*) Do @(
If Exist "%%?\%%~nx!" MkLink /H "%SystemRoot%\System32\Drivers\Etc\%%~nx!" "%%?\%%~nx!"))
…
Rem Prevent installation of 'OneDrive Client'
If Defined ProgramFiles(x86) (
Delete "%SystemRoot%\SysWoW64\OneDriveSetup.exe"
) Else (
Delete "%SystemRoot%\System32\OneDriveSetup.exe"
)
"%SystemRoot%\System32\Reg.exe" LOAD "HKEY_USERS\DEFAULT" "%SystemDrive%\Users\Default\NTUSER.DAT"
"%SystemRoot%\System32\Reg.exe" DELETE "HKEY_USERS\DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /V "OneDriveSetup" /F
"%SystemRoot%\System32\Reg.exe" UNLOAD "HKEY_USERS\DEFAULT"
…
Rem Prevent installation of 'Outlook for Windows' etc.
"%SystemRoot%\System32\Reg.exe" DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\Orchestrator\UScheduler_Oobe\DevHomeUpdate" /F
"%SystemRoot%\System32\Reg.exe" DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\Orchestrator\UScheduler_Oobe\EdgeUpdate" /F
"%SystemRoot%\System32\Reg.exe" DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\Orchestrator\UScheduler_Oobe\OutlookUpdate" /F
…
"%SystemRoot%\System32\Reg.exe" IMPORT "%SystemRoot%\Setup\Scripts\SetupComplete.reg"
…
Rem (https://msdn.microsoft.com/en-us/library/gg441316.aspx)
"%SystemRoot%\System32\RunDLL32.exe" "%SystemRoot%\System32\AdvPack.dll",LaunchINFSection "%SystemRoot%\Setup\Scripts\SetupComplete.inf",UnattendedInstall
…
SetupConfig.ini
%SystemDrive%\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini
[SetupConfig]
;AddBootMgrLast
;Auto={ Clean | DataOnly | Upgrade }
;BitLocker={ AlwaysSuspend | TryKeepActive | ForceKeepActive }
;CompactOS={ Enable | Disable }
;Compat={ IgnoreWarning | ScanOnly }
;CopyLogs=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;DiagnosticPrompt={ Disable | Enable }
;DynamicUpdate={ Disable | Enable }
;InstallDrivers=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;InstallFrom=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;InstallLangPacks=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;M=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;MigNEO=Disable
;MigrateDrivers={ All | None }
NoReboot
;PKey=23467-89BCD-FGHJK-MNPQR-TVWXY
;Priority=Normal
;PostOOBE=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ] [ \setupcomplete.cmd ]
;PostRollback=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ] [ \setuprollback.cmd ]
;PostRollbackContext={ System | User }
;Quiet
;ReflectDrivers=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;ResizeRecoveryPartition={ Disable | Enable }
;ShowOOBE={ Full | None }
;Telemetry={ Disable | Enable }
;TempDrive=‹drive›:
;Unattend=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ] [ \unattend.xml ]
;Uninstall={ Disable | Enable }
Use the X.509 certificate to send S/MIME encrypted mail.
Note: email in weird format and without a proper sender name is likely to be discarded!
I dislike
HTML (and even
weirder formats too) in email, I prefer to receive plain text.
I also expect to see your full (real) name as sender, not your
nickname.
I abhor top posts and expect inline quotes in replies.
as iswithout any warranty, neither express nor implied.
cookiesin the web browser.
The web service is operated and provided by
Telekom Deutschland GmbH The web service provider stores a session cookie
in the web
browser and records every visit of this web site with the following
data in an access log on their server(s):