Windows - ybendito/tips GitHub Wiki

WinDbg

Common

---

Decoding evtx file:

wevtutil qe System.evtx /lf:true /f:text

---

PDB parsing github

---

Enable netplwiz

reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device" /v DevicePasswordLessBuildVersion /d 0 /f

---

Windows 11 old right-click menu

reg.exe add "HKCU\Software\Classes\CLSID{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve

Windows 11 modern right-click menu

reg.exe delete "HKCU\Software\Classes\CLSID{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}" /f

---

Unicorn remote desktop

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ForceAutoLogon <= 0

---

WMIC install

dism /online /add-capability /capabilityname:wmic

---

Verify driver package files

Example: "c:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x64\signtool.exe" verify /v /pa /c balloon.cat balloon.inf balloon.sys

---

Network

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Multimedia\SystemProfile\NetworkThrottlingIndex

0xffffffff disabled

default is usually 10 (packets)

---