software:microsoft:windows:windows10
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
software:microsoft:windows:windows10 [2022/04/09 19:52] – [what version of Windows is installed on a hard drive] superwizard | software:microsoft:windows:windows10 [2024/03/20 17:34] – [PsExec: Logon failure: the user has not been granted the requested logon type at this computer.] superwizard | ||
---|---|---|---|
Line 2: | Line 2: | ||
------------------------------------------------------------------------------------------------------------------------------------------------\\ | ------------------------------------------------------------------------------------------------------------------------------------------------\\ | ||
+ | |||
+ | ====== PsExec: Logon failure: the user has not been granted the requested logon type at this computer. ====== | ||
+ | |||
+ | |||
+ | "F:\1. Utilities\SysInternals\PSTools\psexec64.exe" | ||
+ | | ||
+ | |||
+ | The solution for 2.30+ is to add the -i flag for interactive session. | ||
+ | |||
+ | | ||
+ | https:// | ||
+ | |||
+ | |||
+ | When logging in as Admin you also need the -h flag if you want full admin privileges. | ||
+ | |||
+ | So from my previous example: | ||
+ | |||
+ | |||
+ | https:// | ||
+ | ====== Steps to create Hibernate shortcut in Windows 10: ====== | ||
+ | |||
+ | <WRAP center round box > | ||
+ | Step 1: Right-click the desktop, point at New on the menu and choose Shortcut in the options. | ||
+ | Step 2: As the window named Create Shortcut turns up, enter %windir%\system32\shutdown.exe –h, and then select Next. | ||
+ | |||
+ | From < | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | ====== Location of Desktop in registry ====== | ||
+ | |||
+ | <WRAP center round box > | ||
+ | Shell folders desktop documents pictures location | ||
+ | |||
+ | 2022-11-08 | ||
+ | Using this trick one can easily change the target folder for many personal directories including the desktop: | ||
+ | * 1. Don't forget to create a backup before changing anything. | ||
+ | * 2. Open the Registry editor (Regedit.exe) | ||
+ | * 3. Browse to the location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders. | ||
+ | * 4. In the right window pane select the required value (i.e. Desktop). | ||
+ | * 5. Insert the new location for the folder to be stored. | ||
+ | |||
+ | From < https:// | ||
+ | |||
+ | There is Explorer\Shell Folders | ||
+ | and Explorer\User Shell Folders | ||
+ | |||
+ | |||
+ | Overriding registry values | ||
+ | |||
+ | The following items do not exist in a clean install of Windows 10 and Windows 11. They’re created only if you redirect those folders to Microsoft OneDrive or DropBox. If the following values exist, the location defined in the following values takes precedence. In case of any conflict, the following values can be deleted so that the defaults (above) are used. | ||
+ | |||
+ | https:// | ||
+ | |||
+ | | {F42EE2D3-909F-4907-8871-4C22FC0BF756} | ||
+ | | {0DDD015D-B06C-45D5-8C4C-F59713854639} | ||
+ | |||
+ | |||
+ | </ | ||
====== How to Hide or Show User Accounts from Login Screen on Windows 10/11? ====== | ====== How to Hide or Show User Accounts from Login Screen on Windows 10/11? ====== | ||
Line 16: | Line 76: | ||
+ | ====== Deny Sign in Locally ====== | ||
+ | |||
+ | |||
+ | <WRAP center round box > | ||
+ | 2022-04-05 | ||
+ | |||
+ | Deny User or Group to Sign in Locally in Windows 10 | ||
+ | |||
+ | From < | ||
+ | |||
+ | Computer login | ||
+ | |||
+ | From < | ||
+ | |||
+ | |||
+ | |||
+ | </ | ||
Line 285: | Line 362: | ||
====== what version of Windows is installed on a hard drive ====== | ====== what version of Windows is installed on a hard drive ====== | ||
+ | <WRAP center round box > | ||
+ | |||
+ | **This Worked** | ||
+ | |||
+ | Also: https:// | ||
+ | |||
+ | |||
+ | < | ||
+ | Step 1: Get the registry hive | ||
+ | This step is pretty simple. The file is called software and is located in | ||
+ | %SYSTEMROOT%\system32\config\Software. | ||
+ | |||
+ | fortunately we have an offline version of the harddrive. Copy that file to a USB stick, | ||
+ | or some other device, following your standard evidence collection policies. I also recommend | ||
+ | working from an image, not the live drive, | ||
+ | if you're doing actual forensic work. | ||
+ | |||
+ | regedit | ||
+ | click on hKlm | ||
+ | load hive | ||
+ | |||
+ | windows software windows windowsnt currentversion Product Name | ||
+ | |||
+ | Unload hive | ||
+ | |||
+ | </ | ||
+ | |||
+ | </ | ||
+ | |||
<WRAP center round box > | <WRAP center round box > | ||
Line 296: | Line 402: | ||
Mapping Product Version IDs to Version and Build Numbers | Mapping Product Version IDs to Version and Build Numbers | ||
Notice that the product version info in Properties/ | Notice that the product version info in Properties/ | ||
+ | </ | ||
+ | |||
+ | <WRAP round box > | ||
From: https:// | From: https:// | ||
- | |||
- | </ | ||
windows version | windows version | ||
- | <WRAP round box > | ||
Look in the ../ | Look in the ../ | ||
If this file exists, it is at least an NT based system. (I assume you are not looking for Win95 or earlier.) | If this file exists, it is at least an NT based system. (I assume you are not looking for Win95 or earlier.) | ||
Line 333: | Line 439: | ||
</ | </ | ||
+ | <WRAP center round box > | ||
Also: https:// | Also: https:// | ||
Line 342: | Line 449: | ||
Similar tools can be found here: 27 Best Free Product Key Finder Software For Windows | Similar tools can be found here: 27 Best Free Product Key Finder Software For Windows | ||
- | </ | ||
- | |||
- | Also: https:// | ||
- | |||
- | |||
- | <WRAP center round box > | ||
- | |||
- | |||
- | < | ||
- | Step 1: Get the registry hive | ||
- | This step is pretty simple. The file is called software and is located in | ||
- | %SYSTEMROOT%\system32\config\Software. | ||
- | |||
- | fortunately we have an offline version of the harddrive. Copy that file to a USB stick, | ||
- | or some other device, following your standard evidence collection policies. I also recommend | ||
- | working from an image, not the live drive, | ||
- | if you're doing actual forensic work. | ||
- | |||
- | regedit | ||
- | click on hKlm | ||
- | load hive | ||
- | |||
- | windows software windows windowsnt currentversion | ||
- | |||
- | Unload hive | ||
- | |||
</ | </ | ||
Line 417: | Line 498: | ||
Applies to: Windows 8.1Windows 8.1 EnterpriseWindows 8.1 Pro More | Applies to: Windows 8.1Windows 8.1 EnterpriseWindows 8.1 Pro More | ||
</ | </ | ||
+ | |||
+ | <WRAP center round box > | ||
+ | 2024-02-02 | ||
+ | |||
+ | The / | ||
+ | If DISM reports that component store corruption is found and is repairable, you should attempt repairs. That syntax reads: | ||
+ | dism /online / | ||
+ | Even if errors were detected in the preceding step, this command should complete successfully. It replaces corrupt or questionable elements in the Windows Side-by-Side (WinSxS) store, reading from a local copy of your Windows image files. | ||
+ | The / | ||
+ | |||
+ | From < | ||
+ | |||
+ | </ | ||
====== FIX DISM Source Files Could not be Found Windows 10/8 ====== | ====== FIX DISM Source Files Could not be Found Windows 10/8 ====== |
software/microsoft/windows/windows10.txt · Last modified: 2024/03/22 22:37 by superwizard