Short8.3 Filenames
Short8.3 filenames are a (completely superfluous) cruft from the past of MS-DOS ...
Windows PE
Setup.exe /NoReboot FSUtil.exe 8Dot3Name Set ‹drive letter›: 1 FSUtil.exe 8Dot3Name Strip /F /S ‹drive letter›:\...
(protected) administratorto
standard user. ...
"%SystemRoot%\System32\Net.exe" USER Administrator /Active:Yes /PasswordReq:Yes "%SystemRoot%\System32\Net.exe" LOCALGROUP Administrators "%USERNAME%" /Delete "%SystemRoot%\System32\Net.exe" LOCALGROUP Users "%USERNAME%" /AddqUACkery ... to disable UAC from silent (automatic) elevation in the
protectedadministrator account created during Windows Setup, and to disable elevation in (unprivileged)
standarduser accounts, as documented in the TechNet article UAC Group Policy Settings and Registry Key Settings.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000000
REGEDIT4
; Disable 'Standard Users' in 'Safe Mode' (KB977542)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"SafeModeBlockNonAdmins"=dword:00000001
Separate the system’s (shared) TEMPdirectory from that of the
NT AUTHORITY\SYSTEM
alias
LocalSystem
user account:
MkDir "%SystemRoot%\System32\Config\SystemProfile\AppData\Local\Temp" If Exist "%SystemRoot%\SysWoW64\Config\SystemProfile" MkDir "%SystemRoot%\SysWoW64\Config\SystemProfile\AppData\Local\Temp" "%SystemRoot%\System32\SetX.exe" TEMP "%%USERPROFILE%%\AppData\Local\Temp" /M "%SystemRoot%\System32\SetX.exe" TMP "%%USERPROFILE%%\AppData\Local\Temp" /MSet the attributes
hidden,
read-onlyand
systemon the system’s (shared)
Tempdirectory
%SystemRoot%\Temp\
to prevent
File Explorer from trying to
perform the permanent damage documented in the
MSKB
article
950934:
"%SystemRoot%\System32\Attrib.exe" +H +R +S "%SystemRoot%\Temp"
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\WinTrust\Config]
"EnableCertPaddingCheck"="1"
NeedCurrentDirectoryForExePath()
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"CWDIllegalInDLLSearch"=dword:ffffffff
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"NoDefaultCurrentDirectoryInExePath"="*"
See the MSDN article Windows components installed on demand for details.
On 32-bit editions, create the Registry entries
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat]
"VDMDisallowed"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WoW]
"DisallowedPolicyDefault"=dword:00000001
to disable the
NTVDM
subsystem for 16-bit applications.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
; 00000020 ; SSL 3.0
; 00000080 ; TLS 1.0
; 00000200 ; TLS 1.1
; 00000800 ; TLS 1.2
; 00002000 ; TLS 1.3
"SecureProtocols"=dword:00002a00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.3\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.3\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo]
"DisabledByGroupPolicy"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search]
"AllowCortana"=dword:00000000
"ConnectedSearchUseWeb"=dword:00000000
"ConnectedSearchUseWebOverMeteredConnections"=dword:00000000
"DisableWebSearch"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search]
"AllowCortana"=dword:00000000
"AllowSearchToUseLocation"=dword:00000000
"BingSearchEnabled"=dword:00000000
"ConnectedSearchPrivacy"=dword:00000003
"ConnectedSearchUseWeb"=dword:00000000
"ConnectedSearchUseWebOverMeteredConnections"=dword:00000000
"CortanaConsent"=dword:00000000
"DisableWebSearch"=dword:00000001
Unless you definitively want to use the Malicious Software Removal Tool, create the Registry entries
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT]
"DontOfferThroughWUAU"=dword:00000001
"DontReportInfectionInformation"=dword:00000001
to block its automatic monthly (re)installation via
Windows Update and disable its reporting feature, as
documented in the
MSKB
articles
890830,
and
891716.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"AUOptions"=dword:00000005
"IncludeRecommendedUpdates"=dword:00000000
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
Disable automatic installation of suggested Appsand
Windows App Store Suggestions:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager]
"ContentDeliveryAllowed"=dword:00000000
"PreInstalledAppsEnabled"=dword:00000000
"SilentInstalledAppsEnabled"=dword:00000000
"SoftLandingEnabled"=dword:00000000
"SubscribedContent-310093Enabled"=dword:00000000
"SubscribedContent-338387Enabled"=dword:00000000
"SubscribedContent-338388Enabled"=dword:00000000
"SubscribedContent-338389Enabled"=dword:00000000
"SubscribedContent-338393Enabled"=dword:00000000
"SystemPaneSuggestionsEnabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent]
"DisableWindowsConsumerFeatures"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds]
"EnableFeeds"=dword:00000000
Disable Fast Startup:
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power]
"HiberBootEnabled"=dword:00000000
Disable automatic login after reboot:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableAutomaticRestartSignOn"=dword:00000001
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsStore]
"AutoDownload"=dword:00000002
"DisableStoreApps"=dword:00000001
"RemoveWindowsStore"=dword:00000001
"%SystemRoot%\System32\DISM.exe" /Online /Get-ProvisionedAppxPackages /Format:Table | "%SystemRoot%\System32\FindStr.exe" /B /C:"PackageName: " 1>"%SystemRoot%\Setup\Scripts\SetupComplete.tmp" For /F "Tokens=2 UseBackQ" %%? In ("%SystemRoot%\Setup\Scripts\SetupComplete.tmp") Do "%SystemRoot%\System32\DISM.exe" /Online /Remove-ProvisionedAppxPackage /PackageName:%%?
REGEDIT4
; Disable (re)installation of (de)provisioned 'Apps'
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.3DBuilder_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.549981C3F5F10_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.BingWeather_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.GetHelp_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Getstarted_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.HEIFImageExtension_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Messaging_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftEdge.Stable_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MixedReality.Portal_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.MSPaint_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Office.OneNote_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.OneConnect_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Outlook.DesktopIntegrationServices_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.People_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Print3D_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.ScreenSketch_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.SkypeApp_kzf8qxf38zg5c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.StorePurchaseApp_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.VCLibs.140.00_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.VP9VideoExtensions_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Wallet_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WebMediaExtensions_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WebpImageExtension_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Windows.Photos_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsAlarms_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsCalculator_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsCamera_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsMaps_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.WindowsStore_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Xbox.TCUI_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxApp_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxGameOverlay_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxIdentityProvider_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.XboxSpeechToTextOverlay_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.YourPhone_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.ZuneMusic_8wekyb3d8bbwe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.ZuneVideo_8wekyb3d8bbwe]
REGEDIT4
; Copyright © 2004-2022, Stefan Kanthak <stefan.kanthak@nexgo.de>
[HKEY_CLASSES_ROOT\MSI.Package\Shell\RunAs]
"HasLUAShield"=""
"MUIVerb"="@C:\\Windows\\System32\\MSIMsg.dll,-36"
[HKEY_CLASSES_ROOT\MSI.Package\Shell\RunAs\Command]
@="C:\\Windows\\System32\\MSIExec.exe /I \"%L\" %*"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAs]
"HasLUAShield"=""
"MUIVerb"="@C:\\Windows\\System32\\MSIMsg.dll,-39"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAs\Command]
@="C:\\Windows\\System32\\MSIExec.exe /P \"%L\" %*"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAsUser]
@="@C:\\Windows\\System32\\Shell32.dll,-50944"
;@="@C:\\Windows\\System32\\TWinUI.dll,-8502" ; �
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"
[HKEY_CLASSES_ROOT\MSI.Patch\Shell\RunAsUser\Command]
"DelegateExecute"="{EA72D00E-4960-42FA-BA92-7792A7944C1D}"
REGEDIT4
[HKEY_CLASSES_ROOT\.bmp]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.bmp\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.dib]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.dib\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.gif]
@="PhotoViewer.FileAssoc.GIF"
[HKEY_CLASSES_ROOT\.gif\OpenWithProgIDs]
"PhotoViewer.FileAssoc.GIF"=hex(0):
[HKEY_CLASSES_ROOT\.ico]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.ico\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.jfif]
@="PhotoViewer.FileAssoc.JFIF"
[HKEY_CLASSES_ROOT\.jfif\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JFIF"=hex(0):
[HKEY_CLASSES_ROOT\.jpe]
@="PhotoViewer.FileAssoc.JPEG"
[HKEY_CLASSES_ROOT\.jpe\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JPEG"=hex(0):
[HKEY_CLASSES_ROOT\.jpeg]
@="PhotoViewer.FileAssoc.JPEG"
[HKEY_CLASSES_ROOT\.jpeg\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JPEG"=hex(0):
[HKEY_CLASSES_ROOT\.jpg]
@="PhotoViewer.FileAssoc.JPEG"
[HKEY_CLASSES_ROOT\.jpg\OpenWithProgIDs]
"PhotoViewer.FileAssoc.JPEG"=hex(0):
[HKEY_CLASSES_ROOT\.png]
@="PhotoViewer.FileAssoc.PNG"
[HKEY_CLASSES_ROOT\.png\OpenWithProgIDs]
"PhotoViewer.FileAssoc.PNG"=hex(0):
[HKEY_CLASSES_ROOT\.rle]
@="PhotoViewer.FileAssoc.BitMap"
[HKEY_CLASSES_ROOT\.rle\OpenWithProgIDs]
"PhotoViewer.FileAssoc.BitMap"=hex(0):
[HKEY_CLASSES_ROOT\.tif]
@="PhotoViewer.FileAssoc.TIFF"
[HKEY_CLASSES_ROOT\.tif\OpenWithProgIDs]
"PhotoViewer.FileAssoc.TIFF"=hex(0):
[HKEY_CLASSES_ROOT\.tiff]
@="PhotoViewer.FileAssoc.TIFF"
[HKEY_CLASSES_ROOT\.tiff\OpenWithProgIDs]
"PhotoViewer.FileAssoc.TIFF"=hex(0):
[HKEY_CLASSES_ROOT\.wdp]
@="PhotoViewer.FileAssoc.WDP"
[HKEY_CLASSES_ROOT\.wdp\OpenWithProgIDs]
"PhotoViewer.FileAssoc.WDP"=hex(0):
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Print\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\Shell\Print\DropTarget]
"CLSID"="{60FD46DE-F830-4894-A628-6FA81BC0190D}"
[HKEY_CLASSES_ROOT\Applications\PhotoViewer.dll\SupportedTypes]
".bmp"=""
".dib"=""
".gif"=""
".ico"=""
".jfif"=""
".jpe"=""
".jpeg"=""
".jpg"=""
".png"=""
".rle"=""
".tif"=""
".tiff"=""
".wdp"=""
[HKEY_CLASSES_ROOT\icofile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\icofile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\icofile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\jpegfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\jpegfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\jpegfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\pjpegfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\pjpegfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\pjpegfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\pngfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\pngfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\pngfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\wdpfile\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\wdpfile\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\wdpfile\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\Paint.Picture\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\Paint.Picture\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\Paint.Picture\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\TIFImage.Document\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\TIFImage.Document\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\TIFImage.Document\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap]
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3056"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-70"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.BitMap\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF]
"EditFlags"=dword:00010000
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3055"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-71"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.GIF\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF]
"EditFlags"=dword:00010000
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3055"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-72"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JFIF\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG]
"EditFlags"=dword:00010000
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3055"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-72"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.JPEG\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG]
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3057"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-71"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.PNG\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF]
"FriendlyTypeName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3058"
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\DefaultIcon]
@="C:\\Windows\\System32\\ImageRes.dll,-122"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.TIFF\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP]
"EditFlags"=dword:00010000
"ImageOptionFlags"=dword:00000001
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\DefaultIcon]
@="C:\\Windows\\System32\\WMPhoto.dll,-400"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\PhotoViewer.FileAssoc.WDP\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\SystemFileAssociations\.bmp\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.dib\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.gif\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.ico\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jfif\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jpe\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jpeg\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.jpg\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.png\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.rle\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.tif\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.tiff\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.wdp\OpenWithList\PhotoViewer.dll]
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Open]
"MUIVerb"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3043"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Open\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Open\DropTarget]
"CLSID"="{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Print\Command]
@="C:\\Windows\\System32\\RunDLL32.exe \"C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll\",ImageView_Fullscreen %L"
[HKEY_CLASSES_ROOT\SystemFileAssociations\Image\Shell\Print\DropTarget]
"CLSID"="{60FD46DE-F830-4894-A628-6FA81BC0190D}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities]
"ApplicationDescription"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3069"
"ApplicationName"="@C:\\Program Files\\Windows Photo Viewer\\PhotoViewer.dll,-3009"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Viewer\Capabilities\FileAssociations]
".bmp"="PhotoViewer.FileAssoc.BitMap"
".dib"="PhotoViewer.FileAssoc.BitMap"
".gif"="PhotoViewer.FileAssoc.GIF"
".ico"="PhotoViewer.FileAssoc.BitMap"
".jfif"="PhotoViewer.FileAssoc.JFIF"
".jpe"="PhotoViewer.FileAssoc.JPEG"
".jpeg"="PhotoViewer.FileAssoc.JPEG"
".jpg"="PhotoViewer.FileAssoc.JPEG"
".png"="PhotoViewer.FileAssoc.PNG"
".rle"="PhotoViewer.FileAssoc.BitMap"
".tif"="PhotoViewer.FileAssoc.TIFF"
".tiff"="PhotoViewer.FileAssoc.TIFF"
".wdp"="PhotoViewer.FileAssoc.WDP"
SetupComplete.cmd
The batch script
SetupComplete.cmd
is executed after the second reboot; it runs (invisible) under the
NT AUTHORITY\SYSTEM
alias
LocalSystem
user account.
Rem Copyright © 2009-2022, Stefan Kanthak <stefan.kanthak@nexgo.de>
Rem Prevent accidental execution
If Not "%USERNAME%" == "SYSTEM" Exit /B
If /I Not "%USERPROFILE%" == "%SystemRoot%\System32\Config\SystemProfile" Exit /B
If /I Not "%~f0" == "%SystemRoot%\Setup\Scripts\SetupComplete.cmd" Exit /B
Call :REDIRECT %* 0<NUL: 1>"%SystemRoot%\Setup\Scripts\SetupComplete.out" 2>"%SystemRoot%\Setup\Scripts\SetupComplete.err"
Exit /B
:REDIRECT
…
Rem Private 'TEMP' directory for 'LocalSystem' user account
If /I "%TEMP%" == "%SystemRoot%\Temp" (
"%SystemRoot%\System32\SetX.exe" TEMP "%%USERPROFILE%%\AppData\Local\Temp" /M
"%SystemRoot%\System32\SetX.exe" TMP "%%USERPROFILE%%\AppData\Local\Temp" /M
MkDir "%SystemRoot%\System32\Config\SystemProfile\AppData\Local\Temp"
If Exist "%SystemRoot%\SysWoW64\Config\SystemProfile" MkDir "%SystemRoot%\SysWoW64\Config\SystemProfile\AppData\Local\Temp"
)
…
Rem Disable builtin 'Guest' user account
"%SystemRoot%\System32\Net.exe" USER Guest /Active:No
Rem Enable builtin 'Administrator' user account and set random password
Rem (https://support.microsoft.com/en-us/kb/251394)
"%SystemRoot%\System32\Net.exe" USER Administrator /Active:Yes /FullName:"Stefan Kanthak" /PasswordReq:Yes /Random
…
Rem Disable offer for permanent ACL change on inaccessible directories in 'File Explorer'
Rem (https://support.microsoft.com/en-us/kb/950934)
For %%? In ("%SystemRoot%\Security\Audit"
"%SystemRoot%\ServiceProfiles\LocalService"
"%SystemRoot%\ServiceProfiles\NetworkService"
"%SystemRoot%\Temp") Do "%SystemRoot%\System32\Attrib.exe" +H +R +S "%%?"
…
Rem Remove 'Provisioned Apps'
"%SystemRoot%\System32\DISM.exe" /Online /Get-ProvisionedAppxPackages /Format:Table | "%SystemRoot%\System32\FindStr.exe" /B /C:"PackageName: " 1>"%SystemRoot%\Setup\Scripts\SetupComplete.tmp"
For /F "Tokens=2 UseBackQ" %%? In ("%SystemRoot%\Setup\Scripts\SetupComplete.tmp") Do "%SystemRoot%\System32\DISM.exe" /Online /Remove-ProvisionedAppxPackage /PackageName:%%?
…
Rem Remove 'Edge Chromium'
Rem If Defined ProgramFiles(x86) (For /R "%ProgramFiles(x86)%\Microsoft\Edge\Application" %%? In (Setup?.Exe) Do Set SETUP=%%~?) Else (For /R "%ProgramFiles%\Microsoft\Edge\Application" %%? In (Setup?.Exe) Do Set SETUP=%%~?)
Rem If Defined SETUP "%SETUP%" --uninstall --verbose-logging --system-level --force-uninstall
…
"%SystemRoot%\System32\Reg.exe" IMPORT "%SystemRoot%\Setup\Scripts\SetupComplete.reg"
…
Rem (https://msdn.microsoft.com/en-us/library/gg441316.aspx)
"%SystemRoot%\System32\RunDLL32.exe" "%SystemRoot%\System32\AdvPack.dll",LaunchINFSection "%SystemRoot%\Setup\Scripts\SetupComplete.inf",UnattendedInstall
…
SetupConfig.ini
%SystemDrive%\Users\Default\AppData\Local\Microsoft\Windows\WSUS\SetupConfig.ini
[SetupConfig]
;AddBootMgrLast
;Auto={ Clean | DataOnly | Upgrade }
;BitLocker={ AlwaysSuspend | TryKeepActive | ForceKeepActive }
;CompactOS={ Enable | Disable }
;Compat={ IgnoreWarning | ScanOnly }
;CopyLogs=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;DiagnosticPrompt={ Disable | Enable }
;DynamicUpdate={ Disable | Enable }
;InstallDrivers=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;InstallFrom=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;InstallLangPacks=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;M=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;MigNEO=Disable
;MigrateDrivers={ All | None }
NoReboot
;PKey=23467-89BCD-FGHJK-MNPQR-TVWXY
;Priority=Normal
;PostOOBE=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ] [ \setupcomplete.cmd ]
;PostRollback=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ] [ \setuprollback.cmd ]
;PostRollbackContext={ System | User }
;Quiet
;ReflectDrivers=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ]
;ResizeRecoveryPartition={ Disable | Enable }
;ShowOOBE={ Full | None }
;Telemetry={ Disable | Enable }
;TempDrive=‹drive›:
;Unattend=[ ‹drive›:\‹directory› | \\‹computer›\‹share›\‹directory› ] [ \unattend.xml ]
;Uninstall={ Disable | Enable }
Use the X.509 certificate to send S/MIME encrypted mail.
Note: email in weird format and without a proper sender name is likely to be discarded!
I dislike
HTML (and even
weirder formats too) in email, I prefer to receive plain text.
I also expect to see your full (real) name as sender, not your
nickname.
I abhor top posts and expect inline quotes in replies.
as iswithout any warranty, neither express nor implied.
cookiesin the web browser.
The web service is operated and provided by
Telekom Deutschland GmbH The web service provider stores a session cookie
in the web
browser and records every visit of this web site with the following
data in an access log on their server(s):