35 docs tagged with "Registry"

Documents concerning system registry management and troubleshooting

Active Directory - Privilege Escalation Attack Mitigation

This document outlines a PowerShell script designed to verify the installation of necessary patches to mitigate and detect Active Directory privilege escalation attacks. It checks for the presence of specific patches, monitors registry settings, and identifies non-compliant computer accounts, ultimately enhancing security compliance for domain controllers.

Add Auto Lockout Policy

This document provides a detailed implementation guide for setting a registry key that enables auto-lock on Windows machines after 10 minutes of inactivity. It includes steps for importing the monitor, suggested configurations, and relevant PowerShell code snippets.

Backup-RegistryValue

This document provides an overview of a script that creates a backup of a specified registry item either specifically or recursively to a designated backup location in the Windows registry. The script requires administrative rights and ensures that the backup is identical to the original key.

Chromium Forced Homepage Clear

This document outlines the procedure to clear enforced homepages in Chromium-based browsers. It details the process of removing specific registry keys that control homepage selection, new tab page control, and session restoration, ensuring a clean browser experience.

CVE-2023-32019 Remediation

This document outlines a PowerShell script designed to add registry keys for CVE-2023-32019 remediation on supported Windows operating systems. It includes options for reverting changes and emphasizes the importance of testing the script on a limited number of machines before wider deployment.

Disable FastBoot

This document provides a comprehensive guide on how to implement a script that modifies registry keys to disable fastboot on Windows workstations, ensuring optimal system performance. The guide includes sample runs, dependencies, task creation steps, and deployment instructions.

Disable Windows Optional/Automatic Updates

This document details the steps to disable Windows optional automatic updates using a script. It includes a sample run, dependencies, and a comprehensive implementation guide with visuals for each step.

Enable Windows Update Access

This document provides a detailed guide on how to enable Windows Update access by overwriting the DisableWindowsUpdateAccess registry key at the computer and user levels. It includes sample runs, task creation steps, and the PowerShell script necessary for implementation.

EPM - Windows Configuration - Windows Explorer View - List

This script configures Windows Explorer to display files and folders in List View by modifying specific registry settings. It ensures that the changes apply to all users and creates the necessary registry keys for the desired view mode.

Fast Boot - Disable

This document details a script designed to disable the Windows Fast Boot feature by adjusting the local registry on the target device. Fast Boot can prevent a full kernel reboot during shutdown, potentially causing system issues and impacting patch installations. The script ensures proper functionality by requiring a device restart for changes to take effect.

Google Chrome - Set Homepage

This document explains a script that sets the homepage in Google Chrome by modifying the registry policy. It outlines the parameters, dependencies, and process involved in enforcing a specific URL as the homepage, along with optional switches for additional enforcement at startup and on new tabs.

Hide Weather Widget from Taskbar

This script inserts a registry key to hide the weather widget from the Windows taskbar. Initially rolled out in version 21H1, the weather widget has been pushed through cumulative updates on supported versions. The script verifies the successful addition of the registry key and flags the machine for a reboot if successful.

Install Webroot SecureAnyWhere

This document details a modified script for the Webroot Plugin installation, enabling automatic deployment through ConnectWise Automate. It outlines the script functionality, dependencies, variables, and process for both installed and non-installed software scenarios.

Kerberos protocol

This document explains how to determine the value of the KrbtgtFullPacSignature registry key for Domain Controllers. It includes details on the role of the registry key in managing Kerberos protocol changes and provides a detection string for implementation.

Last Signed in User - Backup

This document describes a script used to store the last signed-in user information for PRONOC users, allowing them to restore their computer to its previous state after work is completed. It details the process of creating a registry backup and logging the results.

LTTray Detection

This document outlines a remote monitor designed to detect discrepancies between the LTTray port value in the registry and the actual port being utilized by Windows. It includes suggested alert styles, templates, and check actions for effective monitoring on Windows machines.

Microsoft 365 - Click-to-Run - Set Update Channel

This document provides a detailed guide on how to create a script that modifies the registry to set the update channel for Microsoft 365 products based on values from Client or Computer level Custom Fields. It includes a sample run, task creation steps, and the specific PowerShell script required for execution.

Mimikatz - Potential Threat

This document provides an overview of how to check the Windows registry for the stored credentials flag related to WDigest. It explains the implications of the flag being set or not and highlights potential vulnerabilities associated with it, including references to Mimikatz.

MimiKatz Registry Disable

This document provides an overview of an autofix script designed to disable the MimiKatz registry setting if a monitor detects it is enabled. The script is integrated with ticketing to manage service requests and logs its actions for review.

MS-MSDT Registry Key

This document outlines a method to detect the presence of the HKEY_CLASSES_ROOT/ms-msdt Registry Key, which is crucial for temporarily remediating the CVE-2022-30190 MSDT vulnerability on Windows systems.

Netlogon protocol

This document outlines the process to create an audit dataview for Domain Controllers focusing on the Netlogon RequireSeal registry key. It provides details on the registry key storage in the Serial Number column and includes settings for detection strings applicable to Windows operating systems.

Point and Print Nightmare Check

This script checks the specified registry entries to determine if Point And Print is detected and whether it is set to a safe value. If the registry values are not set or are equal to zero, it reports that no action is required, ensuring system safety.

Redirection-Audit

This document provides a comprehensive overview of all possible redirection registry settings, detailing their global application and specific user impacts. It includes dependencies, a column breakdown, and SQL representation for data collection and analysis.

Registry contents Removal

This document outlines a script developed to delete all contents of the PendingFileRenameOperations registry. It provides a detailed summary of the script’s functionality, sample run logs, dependencies, process flow, and output information, ensuring users understand how to effectively clear registry entries related to pending file rename operations.

Set Windows Update Registry Values

This document provides a detailed guide on setting registry values for Windows Update to ensure proper patching and rebooting functionality through ConnectWise RMM. It includes steps for removing unnecessary registry entries and ensuring required values are set correctly.

Set Windows Updates to Default

This document provides a script that removes any registry entries that may be preventing Windows updates and restores the default Windows Update settings, ensuring that updates are fully re-enabled for the user.

Set Windows Updates to Default

This document provides a detailed guide on removing registry entries that may prevent Windows updates and restoring the default Windows Update settings to fully re-enable updates for users. It includes step-by-step instructions for task creation and implementation using a PowerShell script.

Windows Fast Boot Disable [Change]

This document describes a remote monitor designed to detect if Windows Fast Boot is enabled via a registry check, disable it, and validate the change. If the operation fails, a ticket is generated noting the failure; otherwise, it confirms successful disabling of Fast Boot.

Windows Update Disable

This document provides a detailed procedure for disabling Windows Update through registry modifications. It includes example logs from the agent procedure, outlining the steps taken to change registry settings and verify success.

Workaround - Microsoft Support Diagnostic Tool Vulnerability

This document provides a comprehensive overview of a script designed to back up, remove, or restore the HKEY_CLASSES_ROOT/ms-msdt registry key. It details the script’s execution, parameters, dependencies, process, and expected output, including ticketing features for failure management.

Workaround - Windows Search Protocol Vulnerability

This document provides a detailed overview of a script that backs up, removes, or restores the registry key HKEY_CLASSES_ROOT/search-ms. It outlines the script’s functionality, dependencies, and processes involved in executing the script, including options for manual execution and ticket creation for failures.