<![CDATA[
<p>echo <a href="https://jsb000.tistory.com/2710" target="_blank" class="ke-link">https://jsb000.tistory.com/2710</a></p><p>echo <a href="https://kbhost.nl/knowledgebase/bypass-tpm-and-cpu-check/" target="_blank" class="ke-link">https://kbhost.nl/knowledgebase/bypass-tpm-and-cpu-check/</a></p><p>echo 구형 컴퓨터 설치 불가 해제 레지스트 </p><p>REG ADD "HKLM\SYSTEM\Setup\LabConfig" /v "BypassTPMCheck" /t REG_DWORD /d 1 /f <br>REG ADD "HKLM\SYSTEM\Setup\LabConfig" /v "BypassSecureBootCheck" /t REG_DWORD /d 1 /f <br>REG ADD "HKLM\SYSTEM\Setup\LabConfig" /v "BypassRAMCheck" /t REG_DWORD /d 1 /f <br>REG ADD "HKLM\SYSTEM\Setup\LabConfig" /v "BypassStorageCheck" /t REG_DWORD /d 1 /f <br>REG ADD "HKLM\SYSTEM\Setup\LabConfig" /v "BypassCPUCheck" /t REG_DWORD /d 1 /f</p><div class="figure-file" data-ke-type="file" data-file-src="https://t1.daumcdn.net/cafeattach/1HRzv/0c06d1188a330b42dfc4f47e33fb421650ba373a?download" data-file-name="Bypass_TPM_SecureBoot_Storage_RAM_CPU_Check.reg" data-file-size="447" data-mimetype="" data-ke-align="alignCenter"><a href="javascript:checkVirus('grpid%3D1HRzv%26fldid%3DASdB%26dataid%3D421%26fileid%3D1%26regdt%3D20220601183426&url=https%3A%2F%2Ft1.daumcdn.net%2Fcafeattach%2F1HRzv%2F0c06d1188a330b42dfc4f47e33fb421650ba373a')"><div class="image"></div><div class="desc"><div class="filename"><span class="name">Bypass_TPM_SecureBoot_Storage_RAM_CPU_Check</span><span class="type">.reg</span></div><div class="size">447B</div></div></a></div><p>echo 업글 안될때. ms에서 제공 하는 방법 ㅎ </p><p>REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup" /v "AllowUpgradesWithUnsupportedTPMOrCPU" /t REG_DWORD /d 1 /f</p><p> </p><p> </p><p>echo 자격 증명 악성코드가 남발 하는거 차단, 자격 증명 신뢰 할수 있는 요구</p><p>echo 단점은 이걸 하면 먼가를 설치 할때 alt del ctrl 누르라고 구찮게 한다. 하지만 그래도 자격증명 열거 보단.. 좋다.</p><p>echo <a href="https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.CredentialsUI::EnableSecureCredentialPrompting&Language=ko-kr" target="_top" class="ke-link">https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.CredentialsUI::EnableSecureCredentialPrompting&Language=ko-kr</a>    </p><p>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI" /v "EnableSecureCredentialPrompting" /t REG_DWORD /d 1 /f </p><p> </p><p>echo <a href="https://cafe.daum.net/candan/BLQD/68" target="_blank" class="ke-link">https://cafe.daum.net/candan/BLQD/68</a> 자격 증명 메뉴 강화</p><p>echo 로그인 비밀번호 입력 보이게 하기 버튼 숨기기 <a href="https://appuals.com/disable-password-reveal-button-in-windows-10/" target="_top" class="ke-link">https://appuals.com/disable-password-reveal-button-in-windows-10/</a></p><p>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI" /v "DisablePasswordReveal" /t REG_DWORD /d 1 /f </p><p> </p><p>echo 권한 상승시에 비밀번호 다시 물어 보기</p><p>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI" /v "EnumerateAdministrators" /t REG_DWORD /d 1 /f </p><p> </p><p>echo 비밀번호 힌트 가리기 <a href="https://www.tenforums.com/tutorials/117755-enable-disable-security-questions-local-accounts-windows-10-a.html" target="_top" class="ke-link">https://www.tenforums.com/tutorials/117755-enable-disable-security-questions-local-accounts-windows-10-a.html</a></p><p>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI" /v "NoLocalPasswordResetQuestions" /t REG_DWORD /d 1 /f </p><p> </p><p> </p><p>echo 계정 로그인 감사(어떤 놈이 내 컴퓨터 로그인 하지는지 로그에 남기기) 매우 중요함.</p><p>AuditPol /List /Category /V</p><p> </p><p>echo 계정 로그온                                  {xxxx-xxxx-xxxx-xxxx-xxxx}</p><p>echo 등록 아래 처럼.</p><p>auditpol /set /category:"{xxxx-xxxx-xxxx-xxxx-xxxx}" /success:enable /failure:enable</p><p> </p><p> </p><p>echo <a href="https://forbes.tistory.com/1265" target="_top" class="ke-link">https://forbes.tistory.com/1265</a></p><p>echo 오프라인 계정 만들기</p><p><s>echo 사용자 a</s><br><s>echo 암호 a</s></p><p><s>echo 에러나도 계속 진행 오프라인 계정이 나온다 휴.</s></p><p>(최근에 ms가 오프라인 계정을 방치 하기 때문에 온라인 계정을 강재 사용 해야 해킹을 덜 당하는 것 같습니다 최초 로그인 할때 FIDA2 보안키를 사용 하면 좀더 안전 합니다 ms 계정이 없다고 하여도 오프라인으로 만든다고 하여도 PIN 암호를 사용 하세요 해킹에 덜 당한다고 하네요.)</p><p> </p><p> </p><p>echo 윈도우 시작이 검은 화면 cmd 인텔 그래픽 카드 관련 지우기</p><p>del "%windir%\system32\*.bat"</p><p> </p><p>echo <a href="https://www.revouninstaller.com/start-freeware-download/" target="_blank" class="ke-link">https://www.revouninstaller.com/start-freeware-download/</a> 앱 삭제(삭제 안되는 앱)</p><p> </p><p> </p><p>echo 게스트 계정으로 접근 시도가 있었다. CompatTelRunner.exe</p><p>schtasks /change /tn "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /disable >nul</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemtery /t reg_DWORD /d 0 /f</p><p> </p><p>echo 원격실행 안되게 하기 레지스트 <a href="https://www.technipages.com/prevent-users-from-running-certain-programs" target="_blank" class="ke-link">https://www.technipages.com/prevent-users-from-running-certain-programs</a></p><p>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v DisallowRun /t REG_DWORD /d 1 /f <br>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 1 /t REG_SZ /d mstsc.exe /f <br>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v DisallowRun /t REG_DWORD /d 1 /f <br>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 1 /t REG_SZ /d mstsc.exe /f</p><p> </p><p>echo 게스트 원격 차단</p><p>icacls "%windir%\System32\mstsc.exe"  <br>takeown /F "%windir%\System32\mstsc.exe" /A <br>icacls "%windir%\System32\mstsc.exe" /grant Administrators:F <br>icacls "%windir%\System32\mstsc.exe" /setintegritylevel H <br>icacls "%windir%\System32\mstsc.exe" /deny "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%windir%\System32\mstsc.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\mstsc.exe" /grant:r Administrators:RX</p><p> </p><p>echo 등록한거 삭제<br>icacls "%windir%\System32\mstsc.exe"  <br>takeown /F "%windir%\System32\mstsc.exe" /A <br>icacls "%windir%\System32\mstsc.exe" /grant Administrators:F <br>icacls "%windir%\System32\mstsc.exe" /remove "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%windir%\System32\mstsc.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\mstsc.exe" /grant:r Administrators:RX</p><p> </p><p> </p><p>echo https://www.ntlite.com/community/index.php?threads/windows-11.2235/page-12 <br>echo  Remove Chat <br>Reg Add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v TaskbarMn /t REG_DWORD /d 0 /f <br>Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Chat" /v ChatIcon /t REG_DWORD /d 3 /f</p><p> </p><p>echo 모르는 사람이 원격으로 내 컴퓨터 폴더 옵션을 건드는 문제 항목 체크 표시 (내가 불편 해서 안되겠다 ㅎ)</p><p><s>echo <a href="https://winaero.com/how-to-disable-folder-options-in-windows-10/" target="_blank" class="ke-link">https://winaero.com/how-to-disable-folder-options-in-windows-10/</a>  </s></p><p><s>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoFolderOptions /t REG_DWORD /d 1 /f</s></p><p> </p><p><s>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoFolderOptions /t REG_DWORD /d 0 /f</s></p><p> </p><p> </p><p>echo 장치간 공유 해제 <a href="https://www.elevenforum.com/t/turn-on-or-off-share-across-devices-for-app-experiences-in-windows-11.3857/" target="_blank" class="ke-link">https://www.elevenforum.com/t/turn-on-or-off-share-across-devices-for-app-experiences-in-windows-11.3857/</a> 앱공유 끄기 <a href="https://github.com/Thdub/Optimize_NextGen/blob/master/Files/Scripts/RegistryTweaks/Registry%20Tweaks.bat" target="_blank" class="ke-link">https://github.com/Thdub/Optimize_NextGen/blob/master/Files/Scripts/RegistryTweaks/Registry%20Tweaks.bat</a>  </p><p>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CDP" /v CdpSessionUserAuthzPolicy /t REG_DWORD /d 0 /f</p><p>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CDP" /v RomeSdkChannelUserAuthzPolicy /t REG_DWORD /d 0 /f</p><p>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CDP" /v EnableRemoteLaunchToast /t REG_DWORD /d 0 /f<br><br>echo  Remove Widget 이걸 비활성 하면 디스플레이 야간도 안된다.<br>Reg Add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v TaskbarDa /t REG_DWORD /d 0 /f <br>Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Dsh" /v AllowNewsAndInterests /t REG_DWORD /d 0 /f <br>Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" /v EnableFeeds /t REG_DWORD /d 0 /f</p><p> </p><p>echo 롤 글자 렉 걸리는 문제 크롬 끝 글자 잘리는 문제 등록<br>reg add "HKEY_CURRENT_USER\Software\Policies\Microsoft\InputMethod\Settings\KOR" /v ConfigureImeVersion /t REG_DWORD /d 1 /f <br><br></p><p> </p><p> </p><p> </p><p>echo 앱 <a href="https://winaero.com/enable-or-disable-web-site-access-to-language-list-in-windows-10/" target="_blank" class="ke-link">https://winaero.com/enable-or-disable-web-site-access-to-language-list-in-windows-10/</a> 웹 싸이트에서 내 언어 목록에 엑센스하여 관련 콘텐츠를 로컬로 표시하도록 허용(해제 하기)</p><p>reg add "HKEY_CURRENT_USER\Control Panel\International\User Profile" /v HttpAcceptLanguageOptOut /t REG_DWORD /d 1 /f</p><p> </p><p> </p><p>echo 업데이트 오류 <a href="https://cafe.daum.net/candan/HbCr/125" target="_blank" class="ke-link">https://cafe.daum.net/candan/HbCr/125</a> Windows.SecurityCenter.SecurityAppBroker 부여하지 않았습니다</p><p>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v "DelayedAutostart" /t REG_DWORD /d 0 /f</p><p>sc config "wuauserv" start= delayed-auto</p><p>sc start "wuauserv"</p><p> </p><p>echo 정체를 알수 없는 스토리지 실행 smphost</p><p>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\smphost" /v "Start" /t REG_DWORD /d 4 /f</p><p>sc config "smphost" start= disabled</p><p>sc stop "smphost"</p><p> </p><p>echo 원격 RDCS 구성 SessionEnv <br>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SessionEnv" /v "Start" /t REG_DWORD /d 4 /f <br>sc config "SessionEnv" start= disabled <br>sc stop "SessionEnv"</p><p> </p><p>echo 사용자가 원격 컴퓨터에 대화형 TermService <br>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService" /v "Start" /t REG_DWORD /d 4 /f <br>sc config "TermService" start= disabled <br>sc stop "TermService"</p><p> </p><p>echo 프린터/드라이버/RDP UmRdpService <br>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UmRdpService" /v "Start" /t REG_DWORD /d 4 /f <br>sc config "UmRdpService" start= disabled <br>sc stop "UmRdpService"</p><p> </p><p> </p><p>echo netplwiz</p><p> </p><p>echo IIS 실행 금지</p><p>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 3 /t REG_SZ /d w3wp.exe /f <br>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 3 /t REG_SZ /d w3wp.exe /f</p><p> </p><p>echo 있지도 않는 스토리지 사용 금지 smphost</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 4 /t REG_SZ /d smphost.dll /f</p><p> </p><p>echo IIS 공유 관련 SMSvcHost W3wp.exe 켜는 아이 </p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 5 /t REG_SZ /d smsvchost.exe /f</p><p> </p><p>echo 수상한 Cortana 실행 차단</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 6 /t REG_SZ /d backgroundTaskHost.exe /f</p><p> </p><p>echo 수상한 smb 실행 차단</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 7 /t REG_SZ /d wkssvc.dll /f</p><p> </p><p> </p><p>echo 기업용 앱들 </p><p>echo <a href="https://pureinfotech.com/view-installed-apps-powershell-windows-10/" target="_blank" class="ke-link">https://pureinfotech.com/view-installed-apps-powershell-windows-10/</a> <br>Get-AppxPackage –AllUsers | Select Name, PackageFullName > D:\Get-AppxPackage.txt <br>Get-AppxPackage Microsoft.PowerAutomateDesktop -AllUsers | Remove-AppxPackage  <br>Get-AppxPackage MicrosoftTeams -AllUsers | Remove-AppxPackage</p><p> </p><p>echo <a href="https://www.minitool.com/news/ms-gaming-overlay-popup.html" target="_blank" class="ke-link">https://www.minitool.com/news/ms-gaming-overlay-popup.html</a> <br>echo 게임 런처 삭제 해킹에 악용 되는듯 자격증명을 받고 계심  <br>Get-AppxPackage Microsoft.XboxGamingOverlay | Remove-AppxPackage <br>REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AppCaptureEnabled" /t REG_DWORD /d 0 /f <br>REG ADD "HKEY_CURRENT_USER\System\GameConfigStore" /v "GameDVR_Enabled" /t REG_DWORD /d 0 /f</p><p> </p><p>echo net3.5 설치 안되는 문제 usb 꼽고 X부분을 자신의 usb에 맞게 수정 예를 들자면 E? 나 F?</p><p>DISM /Online /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:X:\sources\sxs</p><p> </p><p>echo 넷 바이오스 사용안함 NetBIOS over TCP/IP <a href="https://cafe.daum.net/candan/GGFN/271" target="_blank" class="ke-link">https://cafe.daum.net/candan/GGFN/271</a> <br>$regkey = "HKLM:SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces" <br>Get-ChildItem $regkey |foreach { Set-ItemProperty -Path "$regkey\$($_.pschildname)" -Name NetbiosOptions -Value 2 -Verbose} <br>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v EnableLMHOSTS /t REG_DWORD /d "0" /f</p><p> </p><p>echo Global.Accounts 관련 <a href="https://cafe.daum.net/candan/I45j/78" target="_blank" class="ke-link">https://cafe.daum.net/candan/I45j/78</a>  잠금 화면 추천 별걸로 해킹을 다하는 느낌.</p><p>reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-Enabled" /t REG_DWORD /d "0" /f</p><p>reg add "HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsSpotlightFeatures" /t REG_DWORD /d "1" /f</p><p> </p><p>echo backgroundTaskHost.exe 수상함 Global.Accounts</p><p>reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Search /v BingSearchEnabled /t REG_DWORD /d 0 /f <br>reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Search /v CortanaConsent /t REG_DWORD /d 0 /f <br>reg add “HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search” /v AllowCortana /t REG_DWORD /d 0 /f <br><br><br></p><p> </p><p> </p><p>echo 심하면 잠금 하고 써야 할듯 수상함 ㅎ(모르는 사람 장치 관리자 등록 했더니)</p><p>echo 이렇게 해도 안되더라. 코어에 이상한 장치가 설치 된 경우 수동으로 제거 해야 한다</p><p>echo <a href="https://cafe.daum.net/candan/HbCr/123" target="_blank" class="ke-link">https://cafe.daum.net/candan/HbCr/123</a>   </p><p>pnputil /delete-driver oem5.inf /uninstall</p><p> </p><p> </p><p>echo <a href="https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-deviceguard-unattend" target="_blank" class="ke-link">https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-deviceguard-unattend</a>  무결성이 겹쳐서 비활성화 된듯 하다. 이렇게 하니 문제 없이 잘 작동 하였다. 코어 격리</p><p>REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f <br>REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v "LsaCfgFlags" /t REG_DWORD /d 1 /f <br>REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "HypervisorEnforcedCodeIntegrity" /t REG_DWORD /d 1 /f</p><p> </p><p>echo <a href="https://docs.microsoft.com/ko-kr/windows/security/identity-protection/remote-credential-guard" target="_top" class="ke-link">https://docs.microsoft.com/ko-kr/windows/security/identity-protection/remote-credential-guard</a> 원격에게 자격증명 제한 하기</p><p>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /v "DisableRestrictedAdmin" /t REG_DWORD /d 0 /f</p><p> </p><p> </p><p>echo hello 모든 계정 강재 하기</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork" /v Enabled /t REG_DWORD /d 1 /f</p><p> </p><p> </p><p>echo <a href="https://cafe.daum.net/candan/AurF/106" target="_blank" class="ke-link">https://cafe.daum.net/candan/AurF/106</a> 감사실패 관련 알수 없는 로그인 하는 경우. </p><p>echo 내보내기  <br>md d:\secedit  <br>secedit /export /cfg d:\secedit\cfg.ini > nul <br><br>tar -cvzf secedit.zip d:\secedit <br>echo 만약을 위해 압축 하기 <br><br>notepad d:\secedit\cfg.ini <br>echo 수정하기</p><p> </p><p>MinimumPasswordAge = 0 (기본값) 최소 하루</p><p>MinimumPasswordAge = 1</p><p> </p><p>LockoutBadCount = 0 : (기본값) 계정 정책 > 계정 잠금 정책 > 계정 잠금 임계값 <a href="https://cafe.daum.net/candan/BLQD/81" target="_blank" class="ke-link">https://cafe.daum.net/candan/BLQD/81</a></p><p>LockoutBadCount = 3</p><p> </p><p>PasswordComplexity = 0 암호 복잡성 기본값 사용안함 아래 1은 사용 </p><p>PasswordComplexity = 1</p><p> </p><p>MinimumPasswordLength = 0 암호 최소 길이</p><p>MinimumPasswordLength = 7</p><p><br>SeDenyNetworkLogonRight = Guest <br>SeDenyInteractiveLogonRight = Guest</p><p>echo 로컬 로그인 차단 SeDenyInteractiveLogonRight</p><p><br>SeDenyBatchLogonRight = Guest <br>SeDenyServiceLogonRight = Guest <br>SeDenyRemoteInteractiveLogonRight = Guest<br>echo 없다면 삽입 해주기</p><p> </p><p>SeDenyNetworkLogonRight = Guest,*S-1-5-32-546,*S-1-0-0,*S-1-5-7,*S-1-5-14,*S-1-5-17,*S-1-5-32-555,*S-1-5-32-568,*S-1-5-32-575,*S-1-5-32-576,*S-1-5-32-577,*S-1-5-9,*S-1-5-113,*S-1-5-80-0 <br>SeDenyInteractiveLogonRight = Guest,*S-1-5-32-546,*S-1-0-0,*S-1-5-7,*S-1-5-14,*S-1-5-17,*S-1-5-32-555,*S-1-5-32-568,*S-1-5-32-575,*S-1-5-32-576,*S-1-5-32-577,*S-1-5-9 <br>SeDenyBatchLogonRight = Guest,*S-1-5-32-546,*S-1-0-0,*S-1-5-7,*S-1-5-14,*S-1-5-17,*S-1-5-32-555,*S-1-5-32-568,*S-1-5-32-575,*S-1-5-32-576,*S-1-5-32-577,*S-1-5-9 <br>SeDenyServiceLogonRight = Guest,*S-1-5-32-546,*S-1-0-0,*S-1-5-7,*S-1-5-14,*S-1-5-17,*S-1-5-32-555,*S-1-5-32-568,*S-1-5-32-575,*S-1-5-32-576,*S-1-5-32-577,*S-1-5-9 <br>SeDenyRemoteInteractiveLogonRight = Guest,*S-1-5-32-546,*S-1-0-0,*S-1-5-7,*S-1-5-113,*S-1-5-14,*S-1-5-17,*S-1-5-32-555,*S-1-5-32-568,*S-1-5-32-575,*S-1-5-32-576,*S-1-5-32-577,*S-1-5-9,*S-1-5-32-544,*S-1-1-0,*S-1-2-0,*S-1-2-1,*S-1-5-80-0</p><p>echo 구차니즘 2개 지우면서 5개 등록 하기.</p><p> </p><p>SeServiceLogonRight = *S-1-5-80-0 <br>echo 원본 서비스 로그인 모든 프로세스 허용 <a href="https://cafe.daum.net/candan/GGFN/302" target="_blank" class="ke-link">https://cafe.daum.net/candan/GGFN/302</a>   시스템이 자꾸 5 유형으로 로그인 하는 <br><br>SeServiceLogonRight = *S-1-5-20 <br>echo 수정 네트워크 서비스로 제한 하기 </p><p> </p><p> </p><p>SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551</p><p>echo 원본 네트워크 로그인 모든 사용자 읽기</p><p> </p><p>SeNetworkLogonRight = *S-1-5-32-544,*S-1-5-32-545</p><p>echo 사용자 관리자로 제한</p><p> </p><p> </p><p>SeChangeNotifyPrivilege = *S-1-1-0,*S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551</p><p>echo 원본 트래버스 무시 모든 사용자 문제 보완</p><p> </p><p>SeChangeNotifyPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551</p><p>echo 모든 사용자를 제거 해야 한다고 한다 <a href="https://docs.microsoft.com/ko-kr/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking" target="_blank" class="ke-link">https://docs.microsoft.com/ko-kr/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking</a></p><p> </p><p> </p><p>echo (ms 계정이 없는 오프라인 경우에만 사용 하세요) 신뢰할수 있는 자격증명 추가 해주기 자격증명 열거방어 500이 어드민이다 </p><p> </p><p>SeInteractiveLogonRight    S-1-5-32-546 </p><p>echo 로컬 로그인 허용에서 게스트 제거 "S-1-5-32-546" 게스트를 의미함</p><p> </p><p>SeCreateTokenPrivilege = *S-1-2-0</p><p>echo 토큰 관련 로컬로 하기</p><p> </p><p>SeRelabelPrivilege = Administrator</p><p>echo 레이블 관련 관리자로 한정하기</p><p><br>echo 적용하기 <br>secedit /configure /db test.sdb /cfg d:\secedit\cfg.ini <br>echo 입력 하기는 안됨 -_-;; 아쉽게.. 이건 됨. db는 그냥 아무거나 적으면 된다. 없다면</p><p> </p><p>echo 손상여부 확인 즉 내가 만든 것과 시스템에 적용 된 것과 같은지 비교</p><p>secedit /validate d:\secedit\cfg.ini </p><p> </p><p>echo <a href="https://womenssafetyhackathon.com/how-do-i-disable-tabtip-exe/" target="_blank" class="ke-link">https://womenssafetyhackathon.com/how-do-i-disable-tabtip-exe/</a> 해킹 당하는 것 같은 터치 패널 사용안함 TabTip.exe</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wisp\Touch" /v "TouchGate" /t REG_DWORD /d "0" /f</p><p> </p><p>echo <a href="https://www.droidwin.com/how-to-remove-recommended-section-from-windows-11-start-menu/" target="_blank" class="ke-link">https://www.droidwin.com/how-to-remove-recommended-section-from-windows-11-start-menu/</a></p><p>echo 맞춤 항목 숨기기 비활성 개인정보 노출  </p><p>reg add "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer" /v "HideRecommendedSection" /t REG_DWORD /d "1" /f</p><p> </p><p> </p><p>echo <a href="https://www.tenforums.com/tutorials/100629-remove-link-state-power-management-power-options-windows-10-a.html" target="_blank" class="ke-link">https://www.tenforums.com/tutorials/100629-remove-link-state-power-management-power-options-windows-10-a.html</a>  </p><p>echo nvlddmkm 13 그래픽 카드 오류 문제 그래픽 카드가 절전 모드 하는 현상 버그 같다.</p><p>REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\501a4d13-42af-4429-9fd1-a8218c268e20\ee12f906-d277-404b-b6da-e5fa1a576df5" /v Attributes /t REG_DWORD /d 2 /f</p><p>powercfg -attributes SUB_PCIEXPRESS ee12f906-d277-404b-b6da-e5fa1a576df5 -ATTRIB_HIDE</p><p> </p><p>echo ID 5379 관련 <a href="https://winaero.com/add-ahci-link-power-management-to-power-options-in-windows/#:~:text=AHCI%20Link%20Power%20Management%20configures,of%20the%20classic%20Control%20Panel." target="_top" class="ke-link">https://winaero.com/add-ahci-link-power-management-to-power-options-in-windows/#:~:text=AHCI%20Link%20Power%20Management%20configures,of%20the%20classic%20Control%20Panel.</a></p><p>echo <a href="https://answers.microsoft.com/en-us/windows/forum/all/excessive-security-log-events-event-id-5379/8eb0c350-ce2f-4521-9cfd-f7b816d54715" target="_blank" class="ke-link">https://answers.microsoft.com/en-us/windows/forum/all/excessive-security-log-events-event-id-5379/8eb0c350-ce2f-4521-9cfd-f7b816d54715</a></p><p>powercfg -attributes SUB_DISK 0b2d69d7-a2a1-449c-9680-f91c70521c60 -ATTRIB_HIDE</p><p>REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\0012ee47-9041-4b5d-9b77-535fba8b1442\0b2d69d7-a2a1-449c-9680-f91c70521c60" /v "Attributes" /t REG_DWORD /d 2 /f</p><p> </p><p> </p><p>echo <a href="https://www.elevenforum.com/t/how-to-disable-permanently-microsoft-edge-webview2-runtime.4463/" target="_top" class="ke-link">How to disable permanently Microsoft Edge Webview2 Runtime? | Windows 11 Forum (elevenforum.com)</a></p><p>echo gpedit.msc 설치</p><p>FOR %F IN ("%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientTools-Package~*.mum") DO (DISM /Online /NoRestart /Add-Package:"%F")  <br>FOR %F IN ("%SystemRoot%\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~*.mum") DO (DISM /Online /NoRestart /Add-Package:"%F")</p><p> </p><p>echo obs 백업 복구  <a href="https://cafe.daum.net/candan/I45w/52" target="_blank" class="ke-link">https://cafe.daum.net/candan/I45w/52</a></p><p>Bandizip.exe c %USERPROFILE%\Desktop\obs-studio.zip %appdata%\obs-studio <br>echo 이렇게 하면 바탕 화면에 알아서 파일이 백업됨 <br><br>echo 백업 했던 것을 다시 복구 하기. <br>rd /s /q %appdata%\obs-studio <br>md %appdata%\obs-studio <br>Bandizip.exe x %USERPROFILE%\Desktop\obs-studio.zip %appdata%\obs-studio <br><br>Bandizip.exe x %USERPROFILE%\Desktop\obs-studio.zip %appdata%</p><p> </p><p>echo C++ 2015를 설치 하거나 교채 해도 실행이 안되고 오직 C++ 2019를 설치 해야 된다.</p><p>echo 윈도우를 복구 하면 obs가 맛이 가는대. 바이러스 검사 해도 나오지 않음.</p><p>echo <a href="https://aka.ms/vs/16/release/VC_redist.x64.exe" target="_top" class="ke-link">https://aka.ms/vs/16/release/VC_redist.x64.exe</a></p><p>echo <a href="https://aka.ms/vs/16/release/VC_redist.x86.exe" target="_top" class="ke-link">https://aka.ms/vs/16/release/VC_redist.x86.exe</a>   </p><p> </p><p> </p><p> </p><p> </p><p><a href="https://dotnet.microsoft.com/en-us/download/dotnet/7.0" target="_blank" class="ke-link">https://dotnet.microsoft.com/en-us/download/dotnet/7.0</a>  </p><p>NET 7.0</p><p> </p><p>echo <a href="https://cafe.daum.net/candan/AurF/95" target="_blank" class="ke-link">https://cafe.daum.net/candan/AurF/95</a> <a href="https://www.thewindowsclub.com/enable-enhanced-anti-spoofing-feature-windows-10" target="_blank" class="ke-link">https://www.thewindowsclub.com/enable-enhanced-anti-spoofing-feature-windows-10</a></p><p>echo 스푸핑 관련</p><p>reg add "HKLM\SOFTWARE\Policies\Microsoft\Biometrics\FacialFeatures" /v EnhancedAntiSpoofing /t REG_DWORD /d 1 /f</p><p> </p><p>echo <a href="https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.EventLogs::Channel_Log_Retention_1&Language=ko-kr" target="_top" class="ke-link">https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.EventLogs::Channel_Log_Retention_1&Language=ko-kr</a>   </p><p>echo 실시간 세션 "NT Kernel Logger"에 대한 백업 파일이 최대 크기에 도달했습니다. </p><p>Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\EventLog\Application" /v Retention /t REG_SZ /d 1 /f</p><p> </p><p>echo <a href="https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.UserProfiles::CleanupProfiles&Language=ko-kr" target="_top" class="ke-link">https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.UserProfiles::CleanupProfiles&Language=ko-kr</a> </p><p>echo 오래된 사용 하지 않는 사용자 프로필 삭제. 1일<br>Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System" /v CleanupProfiles /t REG_DWORD /d 1 /f </p><p> </p><p>echo 프록시 비활성화</p><p>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings" /v "AutoDetect" /t REG_DWORD /d "0" /f</p><p>reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v "AutoDetect" /t REG_DWORD /d "0" /f</p><p> </p><p>echo 비활성 안되는 규칙 삭제. 파워쉘 </p><p>remove-netfirewallrule -DisplayName "mDNS(Udp-in)" <br>remove-netfirewallrule -DisplayName "시작"</p><p>remove-netfirewallrule -DisplayName "Microsoft Teams"</p><p> </p><p>echo <a href="https://appuals.com/kernel-event-tracing-error-0xc0000035-windows/" target="_blank" class="ke-link">https://appuals.com/kernel-event-tracing-error-0xc0000035-windows/</a>   </p><p>echo <a href="https://www.windowsphoneinfo.com/threads/errors-microsoft-windows-remediation-event-2-error-0xc0000035.574393/" target="_blank" class="ke-link">https://www.windowsphoneinfo.com/threads/errors-microsoft-windows-remediation-event-2-error-0xc0000035.574393/</a></p><p>echo 0xc0000035 kernel-eventtracing 2 오류 백신 때문에? 메모리 관련 오류 perfmon 윈도우 R 이벤트 뷰어 xml 켜기 echo SessionName 살펴보기 데이터 수집> 이벤트 추적 세션</p><p>Reg Add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\EventLog-System\{b675ec37-bdb6-4648-bc92-f3fdc74d3ca2}" /v Enabled /t REG_DWORD /d 0 /f</p><p> </p><p> </p><p>echo <a href="https://cafe.daum.net/candan/GGFN/291" target="_top" class="ke-link">https://cafe.daum.net/candan/GGFN/291</a> 설치 하는 방법 기초</p><p>echo [winget 없는 사용자 설치 안되는 사용자 읽어야 할 부분 입니다]</p><p>echo <a href="https://www.lainyzine.com/ko/article/how-to-install-winget-on-windows-10/" target="_top" class="ke-link">https://www.lainyzine.com/ko/article/how-to-install-winget-on-windows-10/</a></p><p>echo 윈도우11은 먼가를 설치 하지 않아도 되지만 윈도우10 사용자의 경우 수동으로 설치 해야 한다.</p><p>echo ms 스토어에서 `앱 설치 관리자`를 설치 해야 한다.</p><p>echo <a href="https://www.microsoft.com/store/productId/9NBLGGH4NNS1" target="_top" class="ke-link">https://www.microsoft.com/store/productId/9NBLGGH4NNS1</a>    매우 웃긴건 다운로드가 안된다.</p><p>echo 그리고 되게 하는 방법은 피드백 허브를 켜고 안된다고 작성 대충 하고 기록 하기를 누른 상태에서 다운로드 버튼을 누르면 안되는게 다운로드가 진행 된다 -_-;;</p><p> </p><p>echo 프로그램 자동 설치 </p><p> </p><p><br><br></p><p>winget install "PotPlayer" --id "Daum.PotPlayer" -s "winget" --accept-package-agreements <br>winget install "LAV Filters" --id "Nevcairiel.LAVFilters" -s "winget" --accept-package-agreements <br>winget install "GIMP" --id "GIMP.GIMP" -s "winget" --accept-package-agreements<br>winget install "Bandizip" --id "Bandisoft.Bandizip" -s "winget" --accept-package-agreements <br>winget install "FastStone Image Viewer" --id "FastStone.Viewer" -s "winget" --accept-package-agreements <br>winget install "qBittorrent Enhanced Edition" --id "c0re100.qBittorrent-Enhanced-Edition" -s "winget" --accept-package-agreements <br>winget install "MKVToolNix" --id "MKVToolNix.MKVToolNix" -s "winget" --accept-package-agreements</p><p> </p><p>winget install "WinMerge" --id "WinMerge.WinMerge" -s "winget" --accept-package-agreements</p><p>winget install "Revo Uninstaller" --id "RevoUninstaller.RevoUninstaller" -s "winget" --accept-package-agreements</p><p> </p><p>winget install "Microsoft Visual C++ 2015-2022 Redistributable (x86)" --id "Microsoft.VC++2015-2022Redist-x86" -s "winget" --accept-package-agreements <br>winget install "Microsoft Visual C++ 2015-2022 Redistributable (x64)" --id "Microsoft.VC++2015-2022Redist-x64" -s "winget" --accept-package-agreements</p><p> </p><p> </p><p>winget install "Microsoft .NET Runtime 7.0 Preview" --id "Microsoft.DotNet.Runtime.Preview" -s "winget" --accept-package-agreements</p><p> </p><p>echo 에러가 있음 설치가 안됨</p><p><s>winget install "VLC media player" --id "VideoLAN.VLC" -s "winget" --accept-package-agreements</s></p><p>echo <a href="https://www.videolan.org/vlc/index.ko.html" target="_blank" class="ke-link">https://www.videolan.org/vlc/index.ko.html</a> 수동 설치 하라고 함 -_-;; 말이야 방구야.</p><p><s>winget install -e --id Daum.PotPlayer</s></p><p><s>winget install "Brave" --id "BraveSoftware.BraveBrowser" -s "winget" --accept-package-agreements</s></p><p> </p><p>winget upgrade "qBittorrent"</p><p>winget upgrade "MKVToolNix"</p><p> </p><p>winget upgrade --all</p><p>echo 모든 배키지 최신 버전으로<br><br></p><p><br>winget install "" --id "" -s "winget" --accept-package-agreements <br>winget install "" --id "" -s "winget" --accept-package-agreements <br>winget install "" --id "" -s "winget" --accept-package-agreements <br>winget install "" --id "" -s "winget" --accept-package-agreements</p><p> </p><p>winget search ""</p><p> </p><p>winget install "simplewall" --id "Henry++.simplewall" -s "winget" --accept-package-agreements</p><p>winget install "Sandboxie-Plus" --id "Sandboxie.Plus" -s "winget" --accept-package-agreements</p><p> </p><p> </p><p>echo 앱관련 보안 기능 강화 해봄</p><p>icacls "%ProgramFiles%\WindowsApps"<br>takeown /F "%ProgramFiles%\WindowsApps" /A<br>icacls "%ProgramFiles%\WindowsApps" /grant Administrators:F<br>icacls "%ProgramFiles%\WindowsApps" /setintegritylevel H <br>icacls "%ProgramFiles%\WindowsApps" /deny "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F"<br>icacls "%ProgramFiles%\WindowsApps" /setowner "NT SERVICE\TrustedInstaller" <br>icacls "%ProgramFiles%\WindowsApps" /grant:r Administrators:RX <br>icacls "%ProgramFiles%\WindowsApps"<br><br>takeown /F "%ProgramFiles%\WindowsApps" /A<br>icacls "%ProgramFiles%\WindowsApps" /grant Administrators:F<br>icacls "%ProgramFiles%\WindowsApps" /remove "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7"<br>icacls "%ProgramFiles%\WindowsApps" /setowner "NT SERVICE\TrustedInstaller" <br>icacls "%ProgramFiles%\WindowsApps" /grant:r Administrators:RX<br>icacls "%ProgramFiles%\WindowsApps"</p><p> </p><p> </p><p>echo 해커가 explorer.exe 켜는 문제. 해커 네트워크 S-1-5-2<br>icacls "%windir%\explorer.exe"  <br>takeown /F "%windir%\explorer.exe" /A <br>icacls "%windir%\explorer.exe" /grant Administrators:F <br>icacls "%windir%\explorer.exe" /setintegritylevel H <br>icacls "%windir%\explorer.exe" /deny "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%windir%\explorer.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\explorer.exe" /grant:r Administrators:RX <br>icacls "%windir%\explorer.exe"  <br><br>echo 등록한거 삭제  <br>takeown /F "%windir%\explorer.exe" /A <br>icacls "%windir%\explorer.exe" /grant Administrators:F <br>icacls "%windir%\explorer.exe" /remove "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%windir%\explorer.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\explorer.exe" /grant:r Administrators:RX <br>icacls "%windir%\explorer.exe"    <br><br><br>echo 사용자키 켜는 문제 해커가 이것 부터 켜는 것 같다. svchost.exe  해커 물리적 로그인 S-1-2-1<br>icacls "%windir%\System32\CredentialEnrollmentManager.exe"  <br>takeown /F "%windir%\System32\CredentialEnrollmentManager.exe" /A <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /grant Administrators:F <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /deny "*S-1-5-32-568:F" "*S-1-5-17:F" "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /setintegritylevel H <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /grant:r Administrators:RX <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe"  <br><br>icacls "%windir%\System32\CredentialEnrollmentManager.exe"  <br>takeown /F "%windir%\System32\CredentialEnrollmentManager.exe" /A <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /grant Administrators:F <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /remove "*S-1-5-32-568" "*S-1-5-17" "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe" /grant:r Administrators:RX <br>icacls "%windir%\System32\CredentialEnrollmentManager.exe"  <br><br><br>echo 게스트 계정으로 ms 정보를 가로 챈다 <br>icacls "%windir%\System32\CompatTelRunner.exe"  <br>takeown /F "%windir%\System32\CompatTelRunner.exe" /A <br>icacls "%windir%\System32\CompatTelRunner.exe" /grant Administrators:F <br>icacls "%windir%\System32\CompatTelRunner.exe" /deny "*S-1-5-32-568:F" "*S-1-5-17:F" "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%windir%\System32\CompatTelRunner.exe" /setintegritylevel H <br>icacls "%windir%\System32\CompatTelRunner.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\CompatTelRunner.exe" /grant:r Administrators:RX <br>icacls "%windir%\System32\CompatTelRunner.exe"  <br><br>icacls "%windir%\System32\CompatTelRunner.exe"  <br>takeown /F "%windir%\System32\CompatTelRunner.exe" /A <br>icacls "%windir%\System32\CompatTelRunner.exe" /grant Administrators:F <br>icacls "%windir%\System32\CompatTelRunner.exe" /remove "*S-1-5-32-568" "*S-1-5-17" "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%windir%\System32\CompatTelRunner.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\CompatTelRunner.exe" /grant:r Administrators:RX <br>icacls "%windir%\System32\CompatTelRunner.exe" </p><p> </p><p> </p><p>echo 해커가 FileMaps 악용해서 지가 업데이트 하는 문제. <br>icacls "%windir%\WinSxS\FileMaps"  <br>takeown /F "%windir%\WinSxS\FileMaps" /A <br>icacls "%windir%\WinSxS\FileMaps" /grant Administrators:F <br>icacls "%windir%\WinSxS\FileMaps" /setintegritylevel H <br>icacls "%windir%\WinSxS\FileMaps" /deny "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%windir%\WinSxS\FileMaps" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\WinSxS\FileMaps" /grant:r Administrators:RX <br>icacls "%windir%\WinSxS\FileMaps"  <br><br>echo 등록한거 삭제  <br>takeown /F "%windir%\WinSxS\FileMaps" /A <br>icacls "%windir%\WinSxS\FileMaps" /grant Administrators:F <br>icacls "%windir%\WinSxS\FileMaps" /remove "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%windir%\WinSxS\FileMaps" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\WinSxS\FileMaps" /grant:r Administrators:RX <br>icacls "%windir%\WinSxS\FileMaps"   </p><p> </p><p> </p><p>echo ms Cortana 코다카 수상한 실행 <br>icacls "%windir%\System32\backgroundTaskHost.exe"  <br>takeown /F "%windir%\System32\backgroundTaskHost.exe" /A <br>icacls "%windir%\System32\backgroundTaskHost.exe" /grant Administrators:F <br>icacls "%windir%\System32\backgroundTaskHost.exe" /deny "*S-1-5-32-568:F" "*S-1-5-17:F" "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%windir%\System32\backgroundTaskHost.exe" /setintegritylevel H <br>icacls "%windir%\System32\backgroundTaskHost.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\backgroundTaskHost.exe" /grant:r Administrators:RX <br>icacls "%windir%\System32\backgroundTaskHost.exe"  <br><br>icacls "%windir%\System32\backgroundTaskHost.exe"  <br>takeown /F "%windir%\System32\backgroundTaskHost.exe" /A <br>icacls "%windir%\System32\backgroundTaskHost.exe" /grant Administrators:F <br>icacls "%windir%\System32\backgroundTaskHost.exe" /remove "*S-1-5-32-568" "*S-1-5-17" "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%windir%\System32\backgroundTaskHost.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%windir%\System32\backgroundTaskHost.exe" /grant:r Administrators:RX <br>icacls "%windir%\System32\backgroundTaskHost.exe" </p><p> </p><p> </p><p>echo D 드라이브 보안 처리</p><p>icacls "d:"  <br>takeown /F "d:" /A <br>icacls "d:" /grant Administrators:F <br>icacls "d:" /deny "*S-1-5-32-568:F" "*S-1-5-17:F" "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "d:" /setowner "NT AUTHORITY\SYSTEM"  <br>icacls "d:" /grant:r Administrators:RX <br>icacls "d:"   <br>echo icacls "d:" /setintegritylevel M</p><p> </p><p>icacls "d:"  <br>takeown /F "d:" /A <br>icacls "d:" /grant Administrators:F <br>icacls "d:" /remove "*S-1-5-32-568" "*S-1-5-17" "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "d:" /setowner "NT AUTHORITY\SYSTEM"  <br>icacls "d:" /grant:r Administrators:RX <br>icacls "d:"  </p><p> </p><p>echo 엣지를 자꾸 켜는 문제 알수 없게. <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"  <br>takeown /F "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /A <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /grant Administrators:F <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /deny "*S-1-5-32-568:F" "*S-1-5-17:F" "Guest:F" "*S-1-5-32-546:F" "*S-1-0-0:F" "*S-1-5-7:F" <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /setintegritylevel H <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /grant:r Administrators:RX <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"  <br><br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"  <br>takeown /F "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /A <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /grant Administrators:F <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /remove "*S-1-5-32-568" "*S-1-5-17" "Guest" "*S-1-5-32-546" "*S-1-0-0" "*S-1-5-7" <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /setowner "NT SERVICE\TrustedInstaller"  <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" /grant:r Administrators:RX <br>icacls "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe"  </p><p> </p><p>echo netplwiz</p><p> </p><p>echo 개인정보 한번에 수정 하기 <a href="https://cafe.daum.net/candan/ASdB/424" target="_blank" class="ke-link">https://cafe.daum.net/candan/ASdB/424</a> deny 사용안하는 것들 백그라운드 해제 </p><p>echo HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore</p><p>echo HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore</p><p> </p><p>echo ipv6 해제 <a href="https://cafe.daum.net/candan/I45j/77" target="_blank" class="ke-link">https://cafe.daum.net/candan/I45j/77</a></p><p>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6" /v "Start" /t REG_DWORD /d 4 /f <br><br>netsh interface teredo set state disabled <br>netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled <br>netsh interface ipv6 6to4 set interface disabled <br>netsh interface ipv6 6to4 set state state=disabled <br>netsh interface ipv6 6to4 set relay state=disabled <br>netsh interface ipv6 6to4 set routing routing=disabled sitelocals=disabled <br>netsh interface ipv6 6to4 set interface "이더넷" disabled <br>netsh interface ipv6 isatap set state state=disabled</p><p><br>netsh interface ipv6 set global mldlevel=none<br>netsh interface IPV6 set global randomizeidentifier=disabled <br>netsh interface IPV6 set privacy state=disable <br>netsh interface ipv6 6to4 set state state=disabled <br>netsh interface ipv6 set teredo disable <br><br>netsh interface ipv6 set global /? <br><br>netsh interface ipv6 show global <br><br>netsh interface ipv6 set global icmpredirects=disabled <br>netsh interface ipv6 set global taskoffload=disabled <br>netsh interface ipv6 set global dhcpmediasense=disabled <br>netsh interface ipv6 set global randomizeidentifiers=disabled <br>netsh interface ipv6 set global loopbacklargemtu=disabled <br>netsh interface ipv6 set global sourcebasedecmp=disabled <br>netsh interface ipv6 set global flowlabel=disabled <br>netsh interface ipv6 set global =disabled <br>netsh interface ipv6 set global =disabled <br>netsh interface ipv6 set global =disabled <br>netsh interface ipv6 set global =disabled <br>netsh interface ipv6 set global =disabled </p><p> </p><p> </p><p>netsh interface ipv6 set global neighborcachelimit=1<br>netsh interface ipv6 set global routecachelimit=1<br>netsh interface ipv6 set global reassemblylimit=1<br>netsh interface ipv6 set global reassemblyoutoforderlimit=1</p><p> </p><p>echo ipv6 무식 하게 차단 하기 </p><p>netsh advfirewall firewall add rule name="block from ipv6" dir=in action=block protocol=ANY remoteip=0000::/1 <br>netsh advfirewall firewall add rule name="block from ipv6" dir=in action=block protocol=ANY remoteip=0000::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff <br><br>netsh advfirewall firewall add rule name="block from ipv6" dir=out action=block protocol=ANY remoteip=0000::/1 <br>netsh advfirewall firewall add rule name="block from ipv6" dir=out action=block protocol=ANY remoteip=0000::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff</p><p> </p><p> </p><p>echo 랜덤 하게 문자 15자 만들기 </p><p>powershell -command "-join ((65..90) + (97..122)|get-random -count 15| % {[char]$_})"</p><p>echo 문자가 만들어 지면 홍길동 부분에 붙쳐 넣으면 된다</p><p> </p><p>echo WORKGROUP 구릅 변경 <a href="https://www.top-password.com/blog/change-workgroup-name-in-windows-10/" target="_blank" class="ke-link">https://www.top-password.com/blog/change-workgroup-name-in-windows-10/</a></p><p>wmic computersystem where name="%computername%" call joindomainorworkgroup name="홍길동"</p><p> </p><p>echo 확인 윈도우키+R </p><p>sysdm.cpl</p><p> </p><p>echo 드래그 엔터가 복사 입니다. 붙처 넣기는 마우스 우클릭 입니다.</p><p> </p><p> </p><p>echo secedit 두번째 로그인 이후 수정 하기 <br>md d:\secedit  <br>secedit /export /cfg d:\secedit\cfg2.ini > nul <br><br>tar -cvzf secedit2.zip d:\secedit <br>echo 만약을 위해 압축 하기 <br><br>notepad d:\secedit\cfg2.ini <br>echo 수정하기 <br><br><br>echo 적용하기 <br>secedit /configure /db test.sdb /cfg d:\secedit\cfg2.ini <br>echo 입력 하기는 안됨 -_-;; 아쉽게.. 이건 됨. db는 그냥 아무거나 적으면 된다. 없다면 <br><br>echo 손상여부 확인 즉 내가 만든 것과 시스템에 적용 된 것과 같은지 비교 <br>secedit /validate d:\secedit\cfg2.ini </p><p> </p><p> </p><p>echo RDS 원격 연결 안함 다시 켜지곤 한다 <a href="https://docs.vmware.com/kr/VMware-Horizon-7/7.13/horizon-published-desktops-applications/GUID-89EDB3EE-06A6-400C-B5CF-D9D82E009EA6.html" target="_top" class="ke-link">https://docs.vmware.com/kr/VMware-Horizon-7/7.13/horizon-published-desktops-applications/GUID-89EDB3EE-06A6-400C-B5CF-D9D82E009EA6.html</a><br>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "WinStationsDisabled" /t REG_SZ /d 1 /f</p><p> </p><p>echo 제한된 파워쉘 <a href="https://4sysops.com/archives/mitigating-powershell-risks-with-constrained-language-mode/" target="_top" class="ke-link">https://4sysops.com/archives/mitigating-powershell-risks-with-constrained-language-mode/</a> <a href="https://cafe.daum.net/candan/ASdB/426" target="_top" class="ke-link">https://cafe.daum.net/candan/ASdB/426</a><br>setx /m __PSLockDownPolicy 4</p><p> </p><p>echo 보호 안함 기본값으로 하기 파워쉘 명령어 주어야 할때.    파워쉘이 실행 안되고 에러가 나면 이걸 해제 해야 한다.</p><p>setx /m __PSLockDownPolicy 0</p>
<!-- -->
]]>
카페 게시글
윈도우off
윈도우11 시작
동우
추천 0
조회 539
22.06.01 18:34
댓글 11
북마크 번역하기 공유하기 기능 더보기
다음검색
첫댓글 https://www.ghacks.net/2021/11/26/windows-11-debloater-is-a-powerful-and-confusing-tweaker/
https://www.geckoandfly.com/25083/free-tools-disable-stop-windows-spying-tracking-you/
https://freetimetech.com/windows-11-debloater-tool-debloat-gui/
https://www.oo-software.com/en/shutup10
최적화 툴
https://www.windows11tips.com/ko/how-to-adjust-windows-11-font/
윈도우 폰트버그가 있다고 하네요
reg add "HKEY_CURRENT_USER\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /ve /f
우클릭 메뉴 예전 처럼 보이게 하기
https://portableapps.com/apps/utilities/command_prompt_portable
cmd 한글 설치 하기
https://helplogics.net/ko/windows-11%EC%97%90%EC%84%9C-%EB%A9%94%EB%AA%A8%EB%A6%AC-%EB%AC%B4%EA%B2%B0%EC%84%B1%EC%9D%84-%EC%9C%84%ED%95%B4-%ED%98%B8%ED%99%98%EB%90%98%EC%A7%80-%EC%95%8A%EB%8A%94-%EB%93%9C%EB%9D%BC%EC%9D%B4
코어 격리 문제 해결 방안.
Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoLogonSID /t REG_SZ /d 0 /f
Reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AutoLogonSID" /f
https://superuser.com/questions/590590/how-to-disable-autologon-enabled-by-using-sysinternals-autologon-exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\VolatileUserMgrKey
https://www.techadvisor.com/article/745788/how-to-stop-windows-11-apps-from-opening-at-startup.html
cmd는 직접 제거 해야함.. 정체를 알수 없는 cmd 시작
앱> 설정> 하단에 제거
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd835564(v=ws.10)?redirectedfrom=MSDN 자격증명 관련 ConsentPromptBehaviorAdmin
https://wiki.wikisecurity.net/guide:win2003
https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.CredentialsSSP::DenyDefaultCredentials&Language=ko-kr
자격증명 위임 거부
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation DenyDefaultCredentials