Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
328 views

Commands

The document modifies registry and Windows service settings to disable features like updates, defragging, and screen savers, sets policies to prevent customization and restrict access, and stops background tasks like backups, antivirus scans, and disk cleanup to lock down the system and reduce resource usage. Powershell commands are also used to disable services, stop tasks, and make additional changes to firewall rules, hibernation, and system restore settings.

Uploaded by

Onur Öztürk
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
328 views

Commands

The document modifies registry and Windows service settings to disable features like updates, defragging, and screen savers, sets policies to prevent customization and restrict access, and stops background tasks like backups, antivirus scans, and disk cleanup to lock down the system and reduce resource usage. Powershell commands are also used to disable services, stop tasks, and make additional changes to firewall rules, hibernation, and system restore settings.

Uploaded by

Onur Öztürk
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

rem Setting Default HKCU values by loading and modifying the default user regis try hive reg

load "hku\temp" "%USERPROFILE%\..\Default User\NTUSER.DAT" reg ADD "hku\temp\Software\Policies\Microsoft\Windows\Control Panel\Desktop" /v SCRNSAVE.EXE /d "%windir%\system32\scrnsave.scr" /f reg ADD "hku\temp\Software\Policies\Microsoft\Windows\Control Panel\Desktop" /v ScreenSaveTimeOut /d "600" /f reg ADD "hku\temp\Software\Policies\Microsoft\Windows\Control Panel\Desktop" /v ScreenSaverIsSecure /d "1" /f reg ADD "hku\temp\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v Wallpaper /d " " /f reg ADD "hku\temp\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Ca che" /v Persistent /t REG_DWORD /d 0x0 /f reg ADD "hku\temp\Software\Microsoft\Feeds" /v SyncStatus /t REG_DWORD /d 0x0 /f reg ADD "hku\temp\Software\Microsoft\WIndows\CurrentVersion\Policies\Explorer" / v HideSCAHealth /t REG_DWORD /d 0x1 /f reg unload "hku\temp" rem Making modifications to the HKLM hive reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" /v DisableFirstRunCustomize /t REG_DWORD /d 0x1 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Mem ory Management\PrefetchParameters" /v EnableSuperfetch /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU " /v NoAutoUpdate /t REG_DWORD /d 0x1 /f reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore " /v DisableSR /t REG_DWORD /d 0x1 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Disk" /v TimeOutVa lue /t REG_DWORD /d 200 /f reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Image" /v Revision /t REG_SZ /d 1.0 /f reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Image" /v Virtual /t REG_SZ /d Yes /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Applicati on" /v MaxSize /t REG_DWORD /d 0x100000 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Applicati on" /v Retention /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Network\NewNetworkW indowOff" /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\System" / v MaxSize /t REG_DWORD /d 0x100000 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\System" / v Retention /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Security" /v MaxSize /t REG_DWORD /d 0x100000 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Security" /v Retention /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl" /v Cr ashDumpEnabled /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\E xplorer" /v NoRecycleFiles /t REG_DWORD /d 0x1 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Win Stations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0x0 /f reg ADD "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\s ystem" /v EnableLUA /t REG_DWORD /d 0x0 /f reg Add "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Sideshow" /v Dis abled /t REG_DWORD /d 0x1 /f rem Using Powershell to perform Windows Services modifications

Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell Powershell

Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service Set-Service

'BDESVC' -startuptype "disabled" 'wbengine' -startuptype "disabled" 'DPS' -startuptype "disabled" 'UxSms' -startuptype "disabled" 'Defragsvc' -startuptype "disabled" 'HomeGroupListener' -startuptype "disabled" 'HomeGroupProvider' -startuptype "disabled" 'iphlpsvc' -startuptype "disabled" 'MSiSCSI' -startuptype "disabled" 'swprv' -startuptype "disabled" 'CscService' -startuptype "disabled" 'SstpSvc' -startuptype "disabled" 'wscsvc' -startuptype "disabled" 'SSDPSRV' -startuptype "disabled" 'SysMain' -startuptype "disabled" 'TabletInputService' -startuptype "disabled" 'Themes' -startuptype "disabled" 'upnphost' -startuptype "disabled" 'VSS' -startuptype "disabled" 'SDRSVC' -startuptype "disabled" 'WinDefend' -startuptype "disabled" 'WerSvc' -startuptype "disabled" 'MpsSvc' -startuptype "disabled" 'ehRecvr' -startuptype "disabled" 'ehSched' -startuptype "disabled" 'WSearch' -startuptype "disabled" 'wuauserv' -startuptype "disabled" 'Wlansvc' -startuptype "disabled" 'WwanSvc' -startuptype "disabled"

rem Making miscellaneous modifications bcdedit /set BOOTUX disabled vssadmin delete shadows /All /Quiet Powershell disable-computerrestore -drive c:\ netsh advfirewall set allprofiles state off powercfg -H OFF net stop "sysmain" fsutil behavior set DisableLastAccess 1 rem Making modifications to Scheduled Tasks schtasks /change /TN "\Microsoft\Windows\Defrag\ScheduledDefrag" /Disable schtasks /change /TN "\Microsoft\Windows\SystemRestore\SR" /Disable schtasks /change /TN "\Microsoft\Windows\Registry\RegIdleBackup" /Disable schtasks /change /TN "\Microsoft\Windows Defender\MPIdleTask" /Disable schtasks /change /TN "\Microsoft\Windows Defender\MP Scheduled Scan" /Disable schtasks /change /TN "\Microsoft\Windows\Maintenance\WinSAT" /Disable

You might also like