ik heb wel veel reakties gehad op mijn post - net al ik niet nood zakelijk ook van de doel groep

[astral spectre]

is.

[astral spectre]

bg.

[astral spectre]

mv.

[astral spectre]

mf.

[astral spectre]

ub.

[astral spectre]

ik heb er bij de blokker binnen een jaar

drie kook wekkers door heen gedraaid

en een gewone wekker

en die daarvoor deden het respektievelijk

35 en 25 jaar

dat kan natuurlijk een toeval zijn dat samenhangt met de corona

maar ik denk dat het samen hangt met de 3e wereld oorlog der joden

[astral spectre]

ok.

[astral spectre]

ow.

[astral spectre]

WACONFIG.TXT


Windows 10


Starting a command prompt as administrator ("elevated" command prompt)

log into windows as an administrator
from the Start context menu select Run
enter "cmd" for a CMD command prompt
enter "powershell" for a PS command prompt
hold down Ctrl-Shift and press Enter or click OK
in the title bar of the box "Administrator" is shown

you can also create shortcuts with administrator rights
go to Advanced on the General tab and check Run as administrator
tHPS recommends to mark and run ANY windows apps and commands as an
administrator
outside of our own security there has never been found a single
down-side to it
all commands in this document are preceded by either a CMD> or PS> prompt
indicating the respective interpreter for which the command is meant
administrator rights are presumed and never again mentioned

the following prompts are used to indicate a command's location

run> run box
cmd> cmd prompt
ps> powershell prompt
gui> graphics user interface, that is, windows
gp> group policy (run "gpedit.msc")
svc> service (run "services.msc")
reg> registry (run "regedit.exe")

group policy is not available in windows Home editions
group policy, services and registry settings are effected on restart
registry settings' subkeys and variables that do not yet exist should be
created
HKLM means Head Key Local Machine, HKCU means Head Key Current User etc.
DW means Double Word (bit = 1, byte = 8, word = 16, double word = 32)



Windows 10 tips and tricks


Remove the shining

gui> Settings/System/About/Advanced system
settings/Advanced/Performance/Animate controls and elements in windows=off



Show original OEM product key in device firmware, if you have one

ps> wmic path softwarelicensingservice get OA3xOriginalProductKey



Remove W10 OneDrive from File explorer

gui> uninstall OneDrive under Programs and features in the Control panel
and restart



Restore W10 scroll bars

gui> Setup/Ease of access/Display/Automatically hide scroll bars=0



Set W10 slide show interval

reg> HKCU/Control Panel/Personalization/Desktop
Slideshow/Interval=[milliseconds (seconds * 1000)] (DW)



List of all available Windows programs

gui> in the File explorer Address bar enter the URL "shell:appsfolder"



Uninstall Microsoft Edge Chromium

you can't. it has been definitively disabled



Install Microsoft Edge UWP

you can't. it has been definitively disabled



Enable Group Policy in Windows Home

don't even bother. it has been a corporate decision



Disable Edge Chromuim Search bar on desktop

reg> HKLM/Software/Policies/Microsoft/Edge/WebWidgetAllowed=0 (DW)



Windows 10 genocidal to floppy drives

if you own a floppy drive, go to Control panel/Power options/System
settings and turn OFF Fast startup
Fast startup "forgets" to turn off your floppy drive. it will fry as a
result



Disable floppy drive checks when opening the (Send To) context menu

reg>
HKLM/Software/Microsoft/Windows/CurrentVersion/Policies/Explore/NoDrivesInSendToMenu=1
(DW)



Return ISO association to File Explorer

if the ISO file type is hi-jacked by another program, you cannot "mount"
it in File explorer anymore
right click the ISO file, go to Open with/Choose another app/File explorer
check Allways use this app



Create a local account in Windows 10

gui> Settings/Accounts/Family and other users/Add someone else to this PC
gui> Control panel/Administrative tools/Computer management/Local users
and groups/Users/Action/New User
run> netplwiz.exe
run> lusrmgr.msc
cmd> net user [user name] (user password) /add



Use the "net user" command to manage local user accounts

cmd> net user
list all local user accounts

cmd> net user "lazy admin"
list settings for local user account "lazy admin"

cmd> net user /add "lazy admin"
create local user account "lazy admin" with no password

cmd> net user /add "lazy admin" "passwd123"
create local user account "lazy admin" with password "passwd123"

cmd> net user /add "lazy admin" *
be prompted for a password

cmd> net user "lazy admin" "passwd123"
change password to "passwd123", "" for none

cmd> net user "lazy admin" *
be prompted for new password, twice enter for none

cmd> net user "lazy admin" /passwordreq:yes/no
require using a password yes/no
note that there may be policies that require using a password

cmd> net user "lazy admin" /passwordchg:yes/no
allow password to be changed yes/no

cmd> net user "lazy admin" /active:yes/no
enable/disable local user account

cmd> net user /delete "lazy admin"
remove local user account

cmd> net localgroup "administrators" /add "lazy admin"
make local user account an administrator account

cmd> net user /add /domain "lazy admin"
create a domain user account
by default Windows uses workgroups instead of domains
in which case you do not need to create a domain account
just use the same local account and password on all systems



Enable Intel ACHI on an already installed W10 system

run> msconfig.exe
change the Boot tab to start up windows in safe mode
gui> settings/update and security/recovery/advanced startup/restart now
gui> troubleshoot/advanced options/UEFI firmware settings
or press the required BIOS setup key at PC startup
enter BIOS setup
change SATA emulation from IDE/combined/compatible to AHCI/native/advanced
save BIOS settings and restart
start up windows in safe mode
run> msconfig.exe
change back the Boot tab to start up normally
restart
AHCI drivers will be loaded and SATA command queueing is enabled



WXP networking

if you want WXP systems to turn up in W10 File explorer and vice versa
gui> control panel/programs and features/turn windows features on or
off/SMB 1.0/CIFS file sharing support
gui> automatic removal=off
gui> client=on
gui> server=on
gui> control panel/windows defender firewall/allow an app or feature through
gui> core networking=on
gui> file and printer sharing=on
gui> network discovery=on
wait two minutes after startup because of delayed start of services



Disable automatic updates

gp> computer configuration/administrative templates/windows
components/windows update/configure automatic updates=disabled
or on Home editions
reg>
HKLM/SOFTWARE/Policies/Microsoft/Windows/WindowsUpdate/AU/NoAutoUpdate=1
(DW)



Disable automatic driver updates

gp> computer configuration/administrative templates/windows
components/windows update/do not include drivers with windows
updates=enabled



Disable update of a single device driver

gp> computer configuration/administrative templates/system/device
installation/restrictions/prevent installation of devices that match any
of these device IDs=enabled
enter one or more device ID's under Show
gui> control panel/device manager/[device]/properties/details/hardware ID



Disable update of OEM device icons

gui> settings/system/about/advanced system settings/hardware/device
installation settings/icons=off



Disable OS and feature updates

You can't. It has been definitively enabled



Ignore "Windows already has the best driver"

if possible, remove the "better driver"
gui> device manager/[device]/properties/driver/uninstall device/remove
driver software
restart and repeat the procedure until you have a better driver
this is not allways the case, specifically if the basic MS driver is a
later version



Disabling hibernation in Windows 10

cmd> powercfg /h [on/off]

this will remove and create the file C:\hiberfil.sys
on SSD drives it is debatable if hibernation is in fact
more damaging than useful, as it writes multiple gigabytes
of memory to disk each time you automatically shut down
possibly causing disproportional wear on the SSD drive



Disable Windows Defender

gui> settings/update and security/windows security/virus and threat
protection/Manage settings/Real-time protection=off
protection will be re-enabled on restart
gp> computer configuration/administrative templates/windows
components/microsoft defender antivirus/turn of microsoft defender
antivirus=enabled
reg> HKLM/Software/Policies/Microsoft/Windows
Defender/DisableAntiSpyware=1 (DW)



Delete Windows Defender protection history

you can't. it has been definitively enabled



Disable Windows Search Indexing on a single drive

content indexing not just indexes meta-data but all data
it is enabled by default without a switch to disable it
however we can disable it by drive
gui> file explorer/this PC/[windows drive]/properties/allow files on
this drive to have content indexed=off
or in a specific location
gui> file explorer/this PC/[windows
drive]/users/[user]/documents/properties/advanced/allow files in this
folder to have content indexed=off
as this involves setting an attribute on all files, this may take
several minutes
in case of any locked files or lacking NTFS rights you will be prompted
select "Ignore all"
this will include at least any files that can be related to you



Disable Windows Search Indexing alltogether

note that you won't be able to find anything through Windows Search
afterward
but neither will anybody else
svc> windows search/startup type=disabled
to enable it again select Delayed autostart



Delete a service

note that since you cannot recall a deleted service
it is always better to disable it
but as software providers may (ab)use the system for their own services
you may be forced to delete a service

svc> locate the service by its "display name" and open it
svc> in the top line locate its "service name"
svc> exit
cmd> sc delete [service name]
or
reg> HKLM/System/CurrentControlSet/Services/[service name]
remove the key [service name] entirely



Check the bitlocker status of a drive

gui> disk management/drive status/"bitlocker encrypted"
gui> control panel/bitlocker drive encryption
cmd> manage-bde -status



Disable bitlocker on a single drive

ps> disable-bitlocker -mountpoint "[drive]:"
[drive]: should be quoted
the command may take some time to decrypt the drive



Generate a defrag report

cmd> defrag /a /v (/analyse /verbose)



Show Windows edition on unknown setup media

cmd> dism /get-wiminfo /wimfile:[drive]:\sources\install.wim /index:1
or
cmd> dism /get-wiminfo /wimfile:[drive]:\sources\install.esd /index:1
where [drive] is that of the setup media



Install optional windows features from windows setup media

only required for .Net 3.5 and IE 11
gp> computer configuration/administrative templates/system/specify
settings for optional component installation=enabled
enter an "Alternate source file path" in the format
[drive]:\sources\sxs, where [drive] is that of the setup media
restart and mount the setup media
gui> control panel/programs and features/turn windows features on or off
turn on the required feature and exit
reset the policy to Not Configured and restart

or on Home editions
cmd> dism /online /enable-feature /featurename:netfx3
/source:[drive]:\sources\sxs /limitaccess /all
cmd> dism /online /enable-feature
/featurename:internet-explorer-optional-amd64
/source:[drive]:\sources\sxs /limitaccess /all



Repair damaged components by restoring the Windows deployment image

cmd> dism /online /cleanup-image /restorehealth



Add principal "TrustedInstaller"

in the add principal dialog box, manually enter "NT
SERVICE/trustedinstaller"



Reset a forgotten password on a multi user system

cmd> net user [username] [password]



Reset a forgotten password on a single user system (credits iSunshare)

you will need the appropriate setup media (CD/DVD/USB) of your current
Windows version and service pack
boot from the setup media
in the setup media startup screen press Shift-F10 to invoke an elevated
CMD prompt

go to the windows hard drive and system32 directory
cmd> D:
cmd> cd \WINDOWS\SYSTEM32

replace UTILMAN.EXE with CMD.EXE as follows
cmd> ren UTILMAN.EXE UTILMAN.BAK
cmd> copy CMD.EXE UTILMAN.EXE

remove the setup media and boot from the hard drive again
cmd> wpeutil reboot

once in the log-on screen click the Utility Manager Icon
instead of the Utility Manager, you will now invoke a CMD prompt as an
administator
this will allow you to create and edit users and passwords with the "net
user" command
once in Windows, change back UTILMAN.BAK to UTILMAN.EXE



Device Guard and Credential Guard (DG/CG)
Hyper Visor protected Code Integrity (HVCI)
Windows 10 Virtualization Based Security (VBS)
Volume Licence Agreement (VLA)

Enable DG in UEFI setup and install Windows 10
In Windows 10, go to Control Panel/Programs and Features/Windows Features
Install Hyper-V/Hyper-V Platform/Hyper-V Hypervisor
Run gpedit.msc
In Group Policy, go to Computer Configuration/Administrative
Templates/System/Device Guard
In the right panel, open Turn On VBS and set it to Enabled
For Platform Security Level select Secure Boot or Secure Boot with
DMA Protection
DMA protection requires i/o memory management units or IOMMUs
For VBS of Code Integrity (HVCI) select Enabled with or without UEFI lock
For CG select Enabled with or without UEFI lock
With UEFI lock, HVCI/CG is both enabled in UEFI setup and in Group
Policy
Without UEFI lock, HVCI/CG is just enabled in Group Policy, and can
therefore be remotely disabled
Check Require UEFI Memory Attributes Table, which is a firmware
compatibility requirement
For Secure Launch (DG) select Enabled to secure the boot chain
To disable the policy, open Turn on VBS and set it to Not configured
or Disabled
To disable Device Guard, you must manually disable DG in UEFI setup
Run an elevated msinfo32.exe to check the results (Ctrl-Shift-OK)
Secure Launch (i.e. DG) is only effective in Windows 10 Enterprise
editions of a VLA
It cannot be individually bought



Windows 11

in the Start Context menu choose Run
type in any command
hold down Ctrl-Shift-Enter and click OK
it's a knack, not a password silly
how on earth would you remember
over a million passwords

[astral spectre]

LCP

no not LPC

launch control policy

https://en.wikipedia.org/wiki/Trusted_Execution_Technology

iNTEL TXT

it is not in the chipset

because that is the object of its measuments

to prevent us from exchanging chip sets

ok

leaves only the CPU and the Intel Engine

it wouldn't be the CPU because that is externally accessible

what is not externally accessible

that is without a key known only to the plat form owner

is the Intel Engine

furthermore there is a matter of hierarchy

in which the Intel Engine decides

on whether the CPU is allowed to run

we know where the hash is

"in the TPM in a protected non-volatile location that can only be
modified by the platform owner"

but where is the code itself and that database of known-good cumulative
PCR values

that allow us to start

wherever it is they are in

is any of it hard coded any way

or is the owner preparing to change his moods every other day

on whether or not we are allowed to boot a particular system configuration

I think we are entitled to a fixed set of its launching specifications

at the time that we purchase this - eh - plat form

and not just a reliable set

based on trust

alone

[astral spectre]

od.

[astral spectre]

Check if VBS is enabled

run> msinfo32.exe
Scroll down to "Virtualization-based security". If it says "running,"
VBS is enabled.



Disable VBS/HVCI

gui> settings/update and security/windows security/device security/core
isolation details/memory integrity=off
and
reg>
HKLM/System\CurrentControlSet\Control\DeviceGuard/EnableVirtualizationBasedSecurity=0
(DW)

[astral spectre]

dat werkt niet meer

dit wel

gui> control panel/programs and features/turn windows features on or

off/hyper-V=off

[astral spectre]

en als dat ook niet meer helpt

dan kun je in bios/uefi setup

VT-d uitschakelen

schakel dan gelijk ook VT uit

je hebt al die virtualisatie echt niet nodig

alleen intel en ms hebben het nodig

maar let wel

het zijn afzonderlijke instellingen

dus je moet ze allebei uitzetten


als je VT-d uitschakelt

is in windows

kernel dma protection ook uit

dus dan ben je er in een keervan af

[astral spectre]

microsoft is not our employer

but it will and shall save our activity histories

on its data servers world wide

in a way that is invisibly accessible to us

in the lower start menu

instead of any where in the task bar

where we will just want to get rid of it

[astral spectre]

now like windows 8

it is just some thing we do not have

[astral spectre]

ok.

[astral spectre]

ah.