API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 19th, 2017
205
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Winbatch 11.29 KB | None | 0 0
raw download clone embed print report
  1. Windows Registry Editor Version 5.00
  2.  
  3. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
  4. "AutoRestartShell"=dword:00000001
  5. "LegalNoticeCaption"=""
  6. "LegalNoticeText"=""
  7. "PowerdownAfterShutdown"="0"
  8. "ReportBootOk"="1"
  9. "Shell"="Explorer.exe"
  10. "ShutdownWithoutLogon"="0"
  11. "System"=""
  12. "Userinit"="C:\\WINNT\\system32\\userinit.exe,"
  13. "VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\""
  14. "SfcQuota"=dword:ffffffff
  15. "allocatecdroms"="0"
  16. "allocatedasd"="0"
  17. "allocatefloppies"="0"
  18. "cachedlogonscount"=dword:00000000
  19. "forceunlocklogon"=dword:00000000
  20. "passwordexpirywarning"=dword:0000000e
  21. "scremoveoption"="0"
  22. "DisableCAD"=dword:00000000
  23. "AllowMultipleTSSessions"=dword:00000000
  24. "UIHost"=hex(2):6c,00,6f,00,67,00,6f,00,6e,00,75,00,69,00,2e,00,65,00,78,00,65,\
  25.   00,00,00
  26. "AutoLogonCount"=dword:00000008
  27. "DebugServerCommand"="no"
  28. "SFCDisable"=dword:00000000
  29. "WinStationsDisabled"="0"
  30. "LogonType"=dword:00000000
  31. "HibernationPreviouslyEnabled"=dword:00000001
  32. "CachePrimaryDomain"="IC"
  33. "DCacheUpdate"=hex:70,81,2b,5b,14,76,c4,01
  34. "ShowLogonOptions"=dword:00000001
  35. "AltDefaultUserName"="administrator"
  36. "Welcome"="- %COMPUTERNAME%"
  37. "DeleteRoamingCache"=dword:00000001
  38. "DefaultUserName"="opacauto"
  39. "DefaultDomainName"="IC"
  40. "DisableLockWorkstation"=dword:00000000
  41. "DefaultPassword"="HYLotC?"
  42. "AutoAdminLogon"="1"
  43.  
  44. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DomainCache]
  45. "ADMINISTRATION"="ad.ic.ac.uk"
  46. "BIO1"="bio.ic.ac.uk"
  47. "BIOENGINEERING"="bg.ic.ac.uk"
  48. "CC"=""
  49. "CCBACKUP"=""
  50. "CH1"="ch.ic.ac.uk"
  51. "CV"="cv.ic.ac.uk"
  52. "IC"="ic.ac.uk"
  53. "ICT"="ict.ic.ac.uk"
  54. "PH1"="ph.ic.ac.uk"
  55. "PHAD"="ad.ph.ic.ac.uk"
  56. "TH1"="th.ic.ac.uk"
  57. "TP"="tp.ph.ic.ac.uk"
  58.  
  59. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]
  60.  
  61. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}]
  62. @="Wireless"
  63. "ProcessGroupPolicy"="ProcessWIRELESSPolicy"
  64. "DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
  65.   00,00
  66. "NoUserPolicy"=dword:00000001
  67. "NoGPOListChanges"=dword:00000001
  68.  
  69. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}]
  70. @="Folder Redirection"
  71. "ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
  72. "DllName"=hex(2):66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,00,6c,00,\
  73.   6c,00,00,00
  74. "NoMachinePolicy"=dword:00000001
  75. "NoSlowLink"=dword:00000001
  76. "PerUserLocalSettings"=dword:00000001
  77. "NoGPOListChanges"=dword:00000000
  78. "NoBackgroundPolicy"=dword:00000000
  79. "GenerateGroupPolicy"="GenerateGroupPolicy"
  80. "EventSources"=hex(7):28,00,46,00,6f,00,6c,00,64,00,65,00,72,00,20,00,52,00,65,\
  81.   00,64,00,69,00,72,00,65,00,63,00,74,00,69,00,6f,00,6e,00,2c,00,41,00,70,00,\
  82.   70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,29,00,00,00,00,00
  83.  
  84. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}]
  85. "Status"=dword:00000000
  86. "RsopStatus"=dword:00000000
  87. "LastPolicyTime"=dword:00c53db2
  88. "PrevSlowLink"=dword:00000000
  89. "PrevRsopLogging"=dword:00000001
  90. "ForceRefreshFG"=dword:00000000
  91.  
  92. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
  93. @="Microsoft Disk Quota"
  94. "NoMachinePolicy"=dword:00000000
  95. "NoUserPolicy"=dword:00000001
  96. "NoSlowLink"=dword:00000001
  97. "NoBackgroundPolicy"=dword:00000001
  98. "NoGPOListChanges"=dword:00000001
  99. "PerUserLocalSettings"=dword:00000000
  100. "RequiresSuccessfulRegistry"=dword:00000001
  101. "EnableAsynchronousProcessing"=dword:00000000
  102. "DllName"=hex(2):64,00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,\
  103.   6c,00,6c,00,00,00
  104. "ProcessGroupPolicy"="ProcessGroupPolicy"
  105.  
  106. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
  107. @="QoS Packet Scheduler"
  108. "ProcessGroupPolicy"="ProcessPSCHEDPolicy"
  109. "DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
  110.   00,00
  111. "NoUserPolicy"=dword:00000001
  112. "NoGPOListChanges"=dword:00000001
  113.  
  114. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}]
  115. @="Scripts"
  116. "ProcessGroupPolicy"="ProcessScriptsGroupPolicy"
  117. "ProcessGroupPolicyEx"="ProcessScriptsGroupPolicyEx"
  118. "GenerateGroupPolicy"="GenerateScriptsGroupPolicy"
  119. "DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
  120.   00,00
  121. "NoSlowLink"=dword:00000001
  122. "NoGPOListChanges"=dword:00000001
  123. "NotifyLinkTransition"=dword:00000001
  124.  
  125. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
  126. "ProcessGroupPolicy"="SceProcessSecurityPolicyGPO"
  127. "GenerateGroupPolicy"="SceGenerateGroupPolicy"
  128. "ExtensionRsopPlanningDebugLevel"=dword:00000001
  129. "ProcessGroupPolicyEx"="SceProcessSecurityPolicyGPOEx"
  130. "ExtensionDebugLevel"=dword:00000001
  131. "DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\
  132.   00,00
  133. @="Security"
  134. "NoUserPolicy"=dword:00000001
  135. "NoGPOListChanges"=dword:00000001
  136. "EnableAsynchronousProcessing"=dword:00000001
  137. "MaxNoGPOListChangesInterval"=dword:000003c0
  138. "PreviousPolicyAreas"=dword:00000060
  139. "Status"=dword:00000000
  140. "RsopStatus"=dword:00000000
  141. "LastPolicyTime"=dword:00c541c1
  142. "PrevSlowLink"=dword:00000000
  143. "PrevRsopLogging"=dword:00000001
  144. "ForceRefreshFG"=dword:00000000
  145.  
  146. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
  147. "ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
  148. "GenerateGroupPolicy"="GenerateGroupPolicy"
  149. "ProcessGroupPolicy"="ProcessGroupPolicy"
  150. "DllName"=hex(2):69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,00,64,00,\
  151.   6c,00,6c,00,00,00
  152. @="Internet Explorer Branding"
  153. "NoSlowLink"=dword:00000001
  154. "NoBackgroundPolicy"=dword:00000000
  155. "NoGPOListChanges"=dword:00000001
  156. "NoMachinePolicy"=dword:00000001
  157.  
  158. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
  159. "ProcessGroupPolicy"="SceProcessEFSRecoveryGPO"
  160. "DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\
  161.   00,00
  162. @="EFS recovery"
  163. "NoUserPolicy"=dword:00000001
  164. "NoGPOListChanges"=dword:00000001
  165. "RequiresSuccessfulRegistry"=dword:00000001
  166.  
  167. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
  168. @="Software Installation"
  169. "DllName"=hex(2):61,00,70,00,70,00,6d,00,67,00,6d,00,74,00,73,00,2e,00,64,00,\
  170.   6c,00,6c,00,00,00
  171. "ProcessGroupPolicyEx"="ProcessGroupPolicyObjectsEx"
  172. "GenerateGroupPolicy"="GenerateGroupPolicy"
  173. "NoBackgroundPolicy"=dword:00000000
  174. "RequiresSucessfulRegistry"=dword:00000000
  175. "NoSlowLink"=dword:00000001
  176. "PerUserLocalSettings"=dword:00000001
  177. "EventSources"=hex(7):28,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,\
  178.   00,6f,00,6e,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,6d,00,65,00,6e,00,\
  179.   74,00,2c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,\
  180.   00,29,00,00,00,28,00,4d,00,73,00,69,00,49,00,6e,00,73,00,74,00,61,00,6c,00,\
  181.   6c,00,65,00,72,00,2c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,\
  182.   00,6f,00,6e,00,29,00,00,00,00,00
  183.  
  184. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
  185. @="IP Security"
  186. "ProcessGroupPolicy"="ProcessIPSECPolicy"
  187. "DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
  188.   00,00
  189. "NoUserPolicy"=dword:00000001
  190. "NoGPOListChanges"=dword:00000001
  191.  
  192. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
  193.  
  194. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
  195. "Asynchronous"=dword:00000000
  196. "Impersonate"=dword:00000000
  197. "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
  198.   6c,00,00,00
  199. "Logoff"="ChainWlxLogoffEvent"
  200.  
  201. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
  202. "Asynchronous"=dword:00000000
  203. "Impersonate"=dword:00000000
  204. "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
  205.   6c,00,6c,00,00,00
  206. "Logoff"="CryptnetWlxLogoffEvent"
  207.  
  208. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
  209. "DLLName"="cscdll.dll"
  210. "Logon"="WinlogonLogonEvent"
  211. "Logoff"="WinlogonLogoffEvent"
  212. "ScreenSaver"="WinlogonScreenSaverEvent"
  213. "Startup"="WinlogonStartupEvent"
  214. "Shutdown"="WinlogonShutdownEvent"
  215. "StartShell"="WinlogonStartShellEvent"
  216. "Impersonate"=dword:00000000
  217. "Asynchronous"=dword:00000001
  218.  
  219. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
  220. "StartShell"="NavStartShellEvent"
  221. "DllName"="C:\\WINNT\\System32\\NavLogon.dll"
  222. "Logoff"="NavLogoffEvent"
  223.  
  224. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
  225. "DLLName"="wlnotify.dll"
  226. "Logon"="SCardStartCertProp"
  227. "Logoff"="SCardStopCertProp"
  228. "Lock"="SCardSuspendCertProp"
  229. "Unlock"="SCardResumeCertProp"
  230. "Enabled"=dword:00000001
  231. "Impersonate"=dword:00000001
  232. "Asynchronous"=dword:00000001
  233.  
  234. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
  235. "Logoff"="WLEventLogoff"
  236. "Impersonate"=dword:00000000
  237. "Asynchronous"=dword:00000001
  238. "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
  239.   6c,00,6c,00,00,00
  240.  
  241. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
  242. "DLLName"="WlNotify.dll"
  243. "Lock"="SensLockEvent"
  244. "Logon"="SensLogonEvent"
  245. "Logoff"="SensLogoffEvent"
  246. "Safe"=dword:00000001
  247. "MaxWait"=dword:00000258
  248. "StartScreenSaver"="SensStartScreenSaverEvent"
  249. "StopScreenSaver"="SensStopScreenSaverEvent"
  250. "Startup"="SensStartupEvent"
  251. "Shutdown"="SensShutdownEvent"
  252. "StartShell"="SensStartShellEvent"
  253. "PostShell"="SensPostShellEvent"
  254. "Disconnect"="SensDisconnectEvent"
  255. "Reconnect"="SensReconnectEvent"
  256. "Unlock"="SensUnlockEvent"
  257. "Impersonate"=dword:00000001
  258. "Asynchronous"=dword:00000001
  259.  
  260. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
  261. "Asynchronous"=dword:00000000
  262. "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
  263.   6c,00,6c,00,00,00
  264. "Impersonate"=dword:00000000
  265. "Logoff"="TSEventLogoff"
  266. "Logon"="TSEventLogon"
  267. "PostShell"="TSEventPostShell"
  268. "Shutdown"="TSEventShutdown"
  269. "StartShell"="TSEventStartShell"
  270. "Startup"="TSEventStartup"
  271. "MaxWait"=dword:00000258
  272. "Reconnect"="TSEventReconnect"
  273. "Disconnect"="TSEventDisconnect"
  274.  
  275. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
  276. "DLLName"="wlnotify.dll"
  277. "Logon"="RegisterTicketExpiredNotificationEvent"
  278. "Logoff"="UnregisterTicketExpiredNotificationEvent"
  279. "Impersonate"=dword:00000001
  280. "Asynchronous"=dword:00000001
  281.  
  282. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts]
  283.  
  284. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
  285. "HelpAssistant"=dword:00000000
  286. "TsInternetUser"=dword:00000000
  287. "SQLAgentCmdExec"=dword:00000000
  288. "NetShowServices"=dword:00000000
  289. "IWAM_"=dword:00010000
  290. "IUSR_"=dword:00010000
  291. "VUSR_"=dword:00010000
  292.  
  293. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Credentials]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!