Differences

This shows you the differences between two versions of the page.

--- win10 [2021-12-29 18:49:40]
mi [Windows Defender]
+++ win10 [2024-11-05 15:24:45] (current)
mi [Enable ADMIN$ shares]
@@ Line 6: / Line 6: @@
   cmd /k ver
-Windows Product key:
+===Windows Product key
   wmic path SoftwareLicensingService get OA3xOriginalProductKey
@@ Line 12: / Line 12: @@
 or use [[https://www.nirsoft.net/utils/product_cd_key_viewer.html|NirSoft's ProduKey]]
+===Get computer name
+* ''hostname'' (hostname.exe) in both CMD and PS
+* ''%COMPUTERNAME%'' in CMD or ''$ENV:COMPUTERNAME'' in PowerShell
+===Rename computer
+In admin PowerShell:
+  Rename-Computer "new_hostname"
+or with restart
+  Rename-Computer "new_hostname" -Restart
 ==Language
@@ Line 42: / Line 56: @@
 echo "Disabling..."
-reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /d 0 /f
+reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /t REG_DWORD /d 0 /f
 echo "New:"
@@ Line 49: / Line 63: @@
 PAUSE
 </code>
+I think the above registry hack is the same as running
+  powercfg /hibernate off
+and then deleting the ''C:\hiberfil.sys'' file
 ==Network
@@ Line 81: / Line 104: @@
 "By default, Windows Vista and newer versions of Windows prevent local accounts from accessing administrative shares through the network." ([[https://docs.microsoft.com/en-us/troubleshoot/windows-client/networking/cannot-logon-access-administrative-share#cause|docs.microsoft.com]])
   reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1
+===Disable IPv6
+Not tested yet:
+From https://4sysops.com/archives/disable-ipv6-in-windows/
+  Get-NetAdapterBinding -ComponentID "ms_tcpip6" | where Enabled -eq $true | Disable-NetAdapterBinding -ComponentID "ms_tcpip6"
+or (probably needs restart?):
+  reg add "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" /v DisabledComponents /t REG_DWORD /d 255 /f
+or the same in PowerShell:
+  New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\ -Name DisabledComponents -Type DWord -Value 255
+The Value 32 may be better than 255.
+Or a .reg file (here with value 32 (hex 20)):
+<file reg NoIPv6.reg>Windows Registry Editor Version 5.00
+[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
+"DisabledComponents"=dword:00000020
+</file>
+Or maybe ''netsh'' commands as suggested in https://systemadminspro.com/how-to-disable-ipv6-on-windows/
+(needs a restart)
+<code>netsh interface ipv6 set teredo disabled
+netsh interface ipv6 6to4 set state disabled
+netsh interface ipv6 isatap set state disabled
+</code>
 ==WSL
@@ Line 115: / Line 171: @@
 ==Path
-===Add to Machine Path
+===Show current path
-https://stackoverflow.com/a/36379814/111036
+  $env:path -split ";"
-https://docs.microsoft.com/en-us/powershell/scripting/samples/working-with-registry-entries?view=powershell-7.1
+or
-Show Path
+<code powershell>
+# Only parts for current user
+reg query HKCU\Environment /v Path
-  reg query HKCU\Environment /v Path
+# Only machine path
+reg query "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" /v Path
-  reg query "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" /v Path
+(New-Object -ComObject WScript.Shell).RegRead("HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\Path") -split ";"
+</code>
-  (New-Object -ComObject WScript.Shell).RegRead("HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\Path") -split ";"
+===Add to Machine Path
-Add to path
 <code>
 $addpath = "C:\bin"
+$regenv  = "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"
-$machinepath = (New-Object -ComObject WScript.Shell).RegRead("HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\Path") -split ";" | Where-Object { $_ -ne $addpath }
+$machinepath = (New-Object -ComObject WScript.Shell).RegRead("$regenv\Path") -split ";" | Where-Object { $_ -ne $addpath }
 $machinepath += $addpath
@@ Line 141: / Line 199: @@
 # do it
-Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" -Name 'Path' -Value ($machinepath -join ';') -Type ExpandString
+Set-ItemProperty -Path "HKLM:\$regenv" -Name 'Path' -Value ($machinepath -join ';') -Type ExpandString
 </code>
+The new path is not active immediately for users. For users to get the updated machine path, it is necessary to Sign out and Sign back in.
+https://stackoverflow.com/a/36379814/111036
+https://docs.microsoft.com/en-us/powershell/scripting/samples/working-with-registry-entries?view=powershell-7.1
 ===WSL Path
@@ Line 161: / Line 225: @@
 	Restart-Service LxssManager
+==File Explorer
+===Show file extensions:
+  reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /f
 ==Notepad++
@@ Line 171: / Line 239: @@
 https://npp-user-manual.org/docs/other-resources/#notepad-replacement
-# check if we have 64 or 32 bit notepad++
+%%#%% check if we have 64 or 32 bit notepad++
   if (Test-Path "C:\Program Files\Notepad++\notepad++.exe") { echo "64bit" } `
@@ Line 178: / Line 246: @@
-# Make notepad++ the default
+%%#%% Make notepad++ the default
   reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe"
-# In cmd.exe:
+%%#%% In cmd.exe:
   REM If 64-bit Notepad++
@@ Line 190: / Line 258: @@
   reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe" /v "Debugger" /t REG_SZ /d "\"%ProgramFiles(x86)%\Notepad++\notepad++.exe\" -notepadStyleCmdline -z" /f
-# In Powershell:
+%%#%% In Powershell:
-# 64bit
+%%#%% 64bit
   reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe" /v "Debugger" /t REG_SZ /d "$env:ProgramFiles\Notepad++\notepad++.exe -notepadStyleCmdline -z" /f
-# 32bit
+%%#%% 32bit
   reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe" /v "Debugger" /t REG_SZ /d "$env:ProgramFiles(x86)%\Notepad++\notepad++.exe -notepadStyleCmdline -z" /f
@@ Line 206: / Line 274: @@
 ==Solitaire
-The old Solitaire from Windows 95. Assumes there is already a C:\bin directory, and it's in the Path:
+The old Solitaire from Windows 95.
+This assumes there is already a C:\bin directory, and it's in the Path:
   cd C:\bin
@@ Line 264: / Line 334: @@
 With the 2nd option using Policies, they must also be activated by rebooting or by running ''gpudate /force'' (see also https://cloudbrothers.info/create-persistent-defender-av-exclusions-circumvent-defender-endpoint-detection/)
+==Firewall
+Show current ICMP ping rule state:
+  netsh advfirewall firewall show rule name="Allow ping ICMP V4"
+Enable ping replies:
+  netsh advfirewall firewall add rule name="Allow ping ICMP V4" protocol=icmpv4:any,any dir=in action=allow
+==Verbose start
+Script to run in an admin command prompt to enable some messages during startup and login:
+<code>
+@echo off
+echo Current value for HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\verbosestatus
+reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" /v "verbosestatus"
+echo Current value for HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableStatusMessages
+reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" /v "DisableStatusMessages"
+echo Enabling (slightly) Verbose boot
+reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" /v "verbosestatus" /t REG_DWORD /d 1 /f
+reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\" /v "DisableStatusMessages"
+pause
+</code>

Alma wiki

User Tools

Site Tools

Differences

Page Tools