Windows cmd commands (antivirus real-time protection and updates)

1. # Allow windows protected file
2. #to allow all the permissions
3. icacls E:\Locker\Locker\ /grant efx:F /t /q
4.  
5. #To lock the files
6. cacls E:\Locker\Locker\ /P everyone:n
7. ________________________________________________________
8. https://youtu.be/ax1vfSsbzW4
9.  
10. # Go to home
11. cd\
12.  
13. #task manager
14. task list
15.  
16. #save file
17. echo hello world >files.txt
18.  
19. #Open file
20. file.txt
21.  
22. #See task list
23. tasklist
24.  
25. #open task manager
26. taskmgr
27.  
28. #Find the task
29. tasklist|findstr chrome
30.  
31. #KIll a task
32. taskkill /PID 5555 /F
33.  
34. #save task list in text file
35. tasklist >saved.txt
36.  
37. #Open my computer
38. explorer.exe
39.  
40. #Check the list of administrator accounts
41. dnet localgroup Administrators
42.  
43. #Check standard users
44. net localgroup users
45.  
46. #add standerd user to admins
47. net localgroup Admistrator "efx" /add
48.  
49. #delete user from administrators
50. net localgroup Admistrator "efx" /delete
51.  
52. #delete user
53. net user efx /delete
54.  
55. #Shutdown computer with a bat
56. c:\windows\system32\shutdown -s -f -t 00
57.  
58.  
59. #Change administrator password on Windows (run cmd as admin and type)
60. net user Administrator *
61.  
62. #Disabled administrator account activated again
63. net user Administrator /Active:yes
64.  
65. #Start cmd from textfile (save as bat)
66. echo off
67. command
68. echo on
69.  
70. #List of installed tools
71. wmic /output:C:\InstalledSoftwareList.txt product get name,version
72.  
73. NETWORKING
74. #Open network Connections command from cmd
75. C:\Windows\System32\control.exe ncpa.cpl
76.  
77. #Stop the internet (Drop your ip)
78. ipconfig /release
79.  
80. #Enable internet
81. ipconfig /renew
82.  
83. #Turn of fthe firewall
84. netsh advfirewall set currentprofile state off
85.  
86. # Defender commands
87.  
88. #status of antimalware software installed on the computer
89. Get-MpComputerStatus
90.  
91. #Windows Defender status
92. Get-Service windefend
93.  
94. # ADD Delete groups and users
95. https://www.youtube.com/watch?v=WSTlArxx0J8
96.  
97. __________________________________________________________________________________________
98. # Group policy editor in Windows Home
99. Commands:
100. (1)
101. FOR %F IN ("%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientTools-Package~*.mum") DO ( DISM /Online /NoRestart /Add-Package:"%F" )
102.  
103. (2)
104. FOR %F IN ("%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~*.mum") DO ( DISM /Online /NoRestart /Add-Package:"%F" )
105. __________________________________________________________________________________________
106.  
107.  
108. __________________________________________________________________________________________
109. # REGEDIT WINDOWS (CMD)
110.  
111. #Backup registry
112. file> import> save with file name
113.  
114. #Update the group policy of Windows (restore all the procedures to default)
115. >gpupdate
116.  
117. #Update group policy previously applied
118. >gpupdate /force
119.  
120. (1) HKEY_CLASSES_ROOT
121. (all kinds of information, file type, extensions, how Windows handles printer file manager, etc )
122.  
123. (2) HKEY_CURRENT_USER
124. Information related to the current user, Security rights, what Windows is like,
125.  
126. (3) HKEY_LOCAL_MACHINE (IMPORTANT)
127. Hardware, security, system, boot programs, drivers, drivers location and config, services information about os and computer itself
128.  
129. (4) HKEY_USERS
130. Stores information about each user on OS, Each account profile, current user stores information,
131.  
132. (5) HKEY_CURRENT_CONFIG
133. In the current hardware configuration, who is logged in and has their account set up?
134.  
135. #OPEN CMD AND TYPE to pen regedit prompt
136. regedit
137.  
138. https://www.makeuseof.com/permanently-disable-microsoft-defender-windows-11/
139.  
140. #Get all the help and options in cmd
141. reg /?
142.  
143. ______________________________________________________________________________________________
144. #Disable antivirus real-time protection using Powershell (1 for disable and 0 for enable)
145. Set-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender' DisableAntiSpyware 0
146. Restart-Computer
147. ______________________________________________________________________________________________
148.  
149. Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
150.  
151. ______________________________________________________________________________________________
152. Install program quitely
153. @echo off
154. Setup.exe /quiet
155. ______________________________________________________________________________________________
156.  
157.  
158. Stop Defender working 2023
159. reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Defender" /v DisableAntiSpyware /t REG_DWORD /d 1 /f
160.  
161. ______________________________________________________________________________________________
162. # Disable Windows Auto Update
163. Run Powershell 86x as admin
164. New-Item -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -Force | Out-Null
165. Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -Name 'NoAutoUpdate' -Value 0
166. Restart-Computer
167. ______________________________________________________________________________________________
168. # Disable Windows Update
169. New-Item -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate' -Force | Out-Null
170. Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate' -Name 'NoAutoUpdate' -Value 0
171. ______________________________________________________________________________________________
172. # Disable firewall
173. Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
174. ______________________________________________________________________________________________
175. # Kill any exe process
176. taskkill /IM cmd.exe