administrative power tricks
DESCRIPTION
This document is for educational / informational purposes only. For computer administrators and advanced users only.TRANSCRIPT
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
1
© 2004-2010, bcdalai
Administrative Power Tricks
No great discovery was ever made without a bold guess. -Isaac Newton
Experience is the name everyone gives to their mistakes. -Oscar Wilde
Persistence and positive thinking to make things happen.
About this Article: This document is for educational / informational purposes only. For computer administrators
and advanced users only.
About the Author: bcdalai, MCP, MCSE, MCTS: Windows Vista. The author is an IT pro working on Desktop,
Server and Networking - as system administrator, Tech. Support, software troubleshooter and reviewer. He is available for tech. support in Microsoft forums, community and in other online forums with the online name bcdalai. He can be reached at: http://bcdalai.blogspot.com or e-mail: [email protected].
License: The subject matters are for system administrators and everyday computer users. This
article is completely free to read, distribute (through website, CD/DVD or magazines) or share without any modification and may be reproduced in printable media with a link to this article. The article must be distributed in “Microsoft XPS” or “Adobe PDF” format.
Disclaimer: This document is for educational and informational purposes. THIS DOCUMENT IS
PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. It is assumed that you will use the contents of this document in proper and productive way. All names, websites, trade names and registered trademarks mentioned herein are the property of their respective owners.
Copyright © 2004-2010 by bcdalai.
Thanks: I‟m greatly thankful to all the readers for reading and sending feedbacks to me.
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
2
© 2004-2010, bcdalai
Administrative Power Tricks [Warning: Use these tricks at your own risk.]
Trick for Windows Vista and Windows 7
[Notes: Remember these tricks are same for both Windows Vista and 7. These may work on Windows Server 2008. These tricks will also work in Windows XP or earlier versions of OS e.g. Windows 2000 and Server 2003 etc.]
Disable/Enable: ‘Use the Web service to find the correct program’
When opening a file with unknown extension, normally you will see an additional window popping up that give you options of whether to use the web service to find the correct program or select a program from a list of installed programs. Some times it is quite annoying as you probably already know which program should be used to open the file. To bypass this additional window, you can use a simple registry hack to skip the right program searching option but only pop up “open with” window instead.
Follow below steps if you would like to bypass the additional window: 1) Go to Start, type regedit at the search text box. 2) Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer. If Explorer key is not found, then proceed to step 3, else go to step 5.
3) Right click Policies and then choose New -> Key, name the key as Explorer. 4) Right click on Explorer key, choose New -> 32-bit DWORD and then name it as
NoInternetOpenWith. 5) Double click NoInternetOpenWith, enter a value as 1. 6) Reboot your computer in order for the registry key changes to be effective.
Once you have completed above steps, try to open a file with unknown extension, the additional window should no longer pop up and you should only see the “open with” window that let you choose any program to open the file. If you want to reverse the changes, just change the value back to 0.
Trick for Windows XP / Server 2003
[Notes: These tricks will also work in Windows Vista or later versions of OS e.g. Windows 7 and Server 2008 etc.]
Restoring “Show Desktop” icon in Quick Launch: regsvr32 /i:u shell32
Installing/Repairing “Compressed Folder” component in Windows XP or Server 2003: regsvr32 zipfldr.dll
Restoring Help Engine for reading Windows help files: regsvr32 hhctrl.ocx
Registry editing operations: Exporting Keys: reg.exe export HKCU\Software\Intel Settings.reg Importing Keys: reg.exe import Settings.reg
Windows Activation Status: Issue a command at command prompt: oobe/msoobe /a Or %SystemRoot%\system32\oobe\msoobe.exe /a
Component Reinstallation / Repair / Resetting Commands:
Help and Support Service: rundll32 setupapi.dll,InstallHinfSection DefaultInstall 132 %WinDir%\inf\pchealth.inf
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
3
© 2004-2010, bcdalai
Reset Help and Support Service (HelpSvc): net stop helpsvc (Now kills all helpctr.exe, helpsvc.exe & helphost.exe processes from Task Manager) net start helpsvc If the Message is: "The requested service has already been started." then issue this command sc config helpsvc start= auto
System Restore service: rundll32 setupapi.dll,InstallHinfSection DefaultInstall 132 %WinDir%\inf\sr.inf
Windows Management Instrumentation i.e. WMI/WBEM server service:
rundll32 setupapi.dll,InstallHinfSection WBEM 132 %WinDir%\inf\wbemoc.inf
Note: Also check out this The WMI Diagnosis Utility -- Version 2.0 from Microsoft: http://www.microsoft.com/downloads/details.aspx?familyid=d7ba3cd6-18d1-4d05-b11e- 4c64192ae97d&displaylang=en
Reset (NTFS & Registry) permissions for known files/objects:
a- Analyzing and Preparing log file: secedit.exe /analyze /db %WinDir%\sectest.db /cfg %WinDir%\inf\defltwk.inf /log %WinDir%\security\logs\secanalyze.log Completion Messages: Task is completed. Some files in the configuration are not found on this system so security cannot be set/queried. It's ok to ignore. See log %WinDir%\security\logs\secanalyze.log for detail info. b- Reconfiguring the System Registry Settings: secedit.exe /configure /db %WinDir%\sectest.db /cfg %WinDir%\inf\defltwk.inf /log %WinDir%\security\logs\secrepair.log Completion Messages: Task is completed. Some files in the configuration are not found on this system so security cannot be set/queried. It's ok to ignore. See log %WinDir%\security\logs\secrepair.log for detail info.
Note: Ignore both the messages.
Internet Explorer: rundll32 setupapi,InstallHinfSection DefaultInstall 132 %WinDir%\inf\ie.inf Resets IE to default settings: rundll32 setupapi,InstallHinfSection DefaultInstall 132 %WinDir%\inf\iereset.inf
Automatic Updates Service (WUAUSERV): rundll32.exe setupapi.dll,InstallHinfSection DefaultInstall 132 %WinDir%\inf\au.inf
Disk Defragmenter: rundll32 setupapi,InstallHinfSection DefaultInstall 132 %WinDir%\inf\dfrg.inf Registers the following DLLs: regsvr32 dfrgsnap.dll regsvr32 dfrgui.dll Warning: This will invalidate certain third-party defragmenters (such as Diskeeper, O & O Defragmenter), so you may have to reinstall them after this procedure completes.
Windows Firewall: rundll32 setupapi.dll,InstallHinfSection Ndi-Steelhead 132 %WinDir%\inf\netrass.inf Then issue: netsh firewall reset Note: This will work, if you receive an error message such as: "Due to an unidentified problem, Windows cannot display Windows Firewall settings.”
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
4
© 2004-2010, bcdalai
Removing Windows Messenger: RunDll32 advpack.dll,LaunchINFSection %WinDir%\INF\msmsgs.inf,BLC.Remove
Background Intelligent Transfer Service (BITS): rundll32 setupapi.dll,InstallHinfSection DefaultInstall 132 %WinDir%\inf\qmgr.inf Note: BITS service is responsible for performing QoS Windows Update downloads. BITS download updates using idle network bandwidth. If BITS is not functioning, then updates will be unavailable.
Reset your network & Winsock settings: Issue commands one by one: netsh winsock reset netsh winsock reset catalog netsh interface ip reset C:\Interface-resetlog.txt netsh interface reset all netsh firewall reset Note: If this does not help, then use “WinSock Fix”:
http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml
Hide the Themes, Screensavers, Appearance and Setting tabs in the Display Control Panel settings as well as prevents changing the desktop wallpaper and also restricts whole “Control Panel”?
Method-1 through GPO Options:
1) Go to Start > Run type "gpedit.msc" press Enter. 2) Expand "User Configuration" and navigate to "Administrative Templates\Control
Panel\Display". 3) Then open "Hide Appearance and Themes tab" option and click the enabled option to
hide "Appearance tab" and "Themes tab". 4) Then open "Hide Screen Saver tab" option and click the enabled option to hide "Screen
Saver tab". 5) Then open "Hide Settings tab" option and click the enabled option to hide "Settings tab" 6) Then open "Prevent changing wallpaper" option and click the enabled option to
prevent changing the desktop wallpaper. 7) Then open “Remove Display in Control Panel” option and click the enabled option to
hide the “Display” control panel applet. Meaning of Options: "Not Configured" means the option is OFF by default. "Enabled" means the option is ON. "Disabled" means the option is Off manually.
Method-2 through Registry editing:
1) Go to Start > Run type "regedit" press Enter. 2) Navigate to
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies] 3) To hide "Appearance tab" and "Themes tab” Right, click on policies Create a new key
named "System", if not exists. Under this create a new DWORD value named "NoDispAppearancePage" and set its value as 1.
4) To hide "Screen Saver tab", create a new DWORD value named "NoDispScrSavPage" and set its value to 1.
5) To hide "Settings tab", create a new DWORD value named "NoDispSettingsPage" and set its value to 1.
6) To prevent changing wallpaper, create a new key under [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies] named "ActiveDesktop", if not exists and create a new DWORD value named "NoChangingWallPaper" and set its value as 1.
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
5
© 2004-2010, bcdalai
Note: Close Registry Editor. See the results. You can still change the wallpaper through opening an image file in “Windows Picture and Fax Viewer” right click on the image and click the option “Set as Desktop Background”
Non-administrator Burning Tweak:
A non-administrator can burn CD/DVD by tweaking this registry entry: Registry Tweaks (Paste the following text (in red) into a text file and save as “BurningRight.reg”
and double click to add into the registry.)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "allocatecdroms"="1"
If you want to disable burning for non-administrator, just reset this value to „0‟
Configuring automatic Administrator logon for Recovery Console: To set an automatic administrator logon for the Recovery Console, complete the following steps while you are logged on with administrative credentials:
1) Go to Start > Run type secpol.msc press enter. 2) Local Security Policy will now open. 3) Expand Security Settings, expand Local Policies, and then click Security Options. 4) Double-click the Recovery Console: Allow automatic administrative logon policy, and
then set it to Enable. The policy is effective immediately. Make sure that you reopen the Local Security Policy snap-in to make sure that the effective setting for the policy is "Enabled."
Registry Tweaks: (Paste the following text (in red) into a text file and save as “AutoAdminLogonRecCon.reg” and double click to add into the registry.)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole] "SecurityLevel"=dword:00000001
Warning: If you configure an automatic administrator logon, anyone can use Recovery Console to access your computer. They will not be prompted for an administrative password.
Allowing Floppy access in Recovery Console:
To allow floppy access the Recovery Console, complete the following steps while you are logged on with administrative credentials:
1) Go to Start > Run type secpol.msc press enter. 2) Local Security Policy will now open. 3) Expand Security Settings, expand Local Policies, and then click Security Options. 4) Double-click the Recovery Console: Allow floppy copy and access to all drives and
folders policy, and then set it to Enable. The policy is effective immediately. Make sure that you reopen the Local Security Policy snap-in to make sure that the effective setting for the policy is "Enabled."
Registry Tweaks: (Paste the following text (in red) into a text file and save as
“floppyAccess2RecCon.reg” and double click to add into the registry.)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole] "SetCommand"=dword:00000001
Warning: If you configure floppy access, anyone can use Recovery Console to access your computer data. Put “My Computer” on the top: Registry Tweaks: (Paste the following text (in red) into a text file and save as
“MyComputerOnTop.reg” and double click to add into the registry.)
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}] "SortOrderIndex"=dword:00000054
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
6
© 2004-2010, bcdalai
Note: If you want to put My Documents on top of other icons then change the SortorderIndex value to “dword:00000054” Creating Restricted Folders in Windows XP:
Some folder names are restricted in Windows XP. You can‟t create a new folder or rename existing folders to these names. Both upper and lower cases are restricted. These are: Con; Prn; lpt0; lpt1; lpt2; lpt3; lpt4; lpt5; lpt6; lpt7; lpt8; lpt9; Com0; Com1; Com2; Com3; Com4; Com5; Com6; Com7; Com8; Com9 etc. Descriptions: Con: Console in MS-DOS Prn: Printer LPT: printer port, parallel port, name given to the parallel port in DOS. Com: communications port, device in DOS and Windows which relates to the serial ports in a computer; COM file, file which can be operated in DOS.
Solution: You can create the folder names only through Command Prompt. To create a folder
name e.g. prn in D: drive type mkdir \\.\D:\prn and press enter. Other related commands for this type folder names are:
Viewing the folder contents: dir \\.\D:\prn Renaming this folder name: ren \\.\D:\prn 123 Deleting this folder: rmdir \\.\D:\prn
Restriction: You can not rename, delete, copy, move, paste into it etc in Windows Explorer for this file. You must use command Prompt to access/use these types of files. Whenever accessing these folders use \\.\ syntax in the folder path. The best practice is you always avoid these types of folder name for safety and easy of use.
Ripping Audio CDs to MP3 in Windows Media Player 8.
Registry Tweaks (Paste the following text (in red) into a text file and save as “MP3Encoding.reg”
and double click to add into the registry.) Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Settings\MP3Encoding] "LowRate"=dword:0000dac0 "MediumRate"=dword:0000fa00 "MediumHighRate"=dword:0001f400 "HighRate"=dword:0002ee00
You can change the bit rate by editing the above values to these as per your requirement: 54 KBPS = dword:000DAC0 64 KBPS = dword:000FA00 112 KBPS = dword:0001B580 128 KBPS = dword:0001F400 160 KBPS = dword:00027100 192 KBPS = dword:0002EE00 224 KBPS = dword:00036B00 256 KBPS = dword:0003E800 320 KBPS = dword:0004E200 After adding the above entries into registry, now open Media player 8, go to Tools > Options > Copy Music and now you will see/change the options for different encoding speed.
Note: If you want to get better encoding then install latest version of Vista Codec Package or K-Lite
Codec for better results.
How to set a program as the IE source viewer? Registry Tweaks (Paste the following text (in red) into a text file and save as “IESourceViewer.reg” and double click to add into the registry.):
Note: Change the ProgramName to the full path of the program that you want to handle to view the IE source. The program that you are setting to view the IE source must have the capability to handle these types of task.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\View Source Editor\Editor Name] @=" ProgramName"
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
7
© 2004-2010, bcdalai
Show Windows version on Desktop:
Registry Tweaks (Paste the following text (in red) into a text file and save as
“ShowVersionOnDesktop.reg” and double click to add into the registry.):
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Control Panel\Desktop] "PaintDesktopVersion"=dword:00000001
User Accounts Admin
Generally you cannot find the “User Accounts Admin” in the Control Panel. Because this is a hidden control panel Applet. If you want to create an applet in control panel do this: a- Open notepad and type the following (in red without any change to it):
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{98641F47-8C25-4936-BEE4-C2CE1298969D}] @="User Accounts Admin" "InfoTip"="Starts The Windows 2000 style User Accounts dialog"
[HKEY_CLASSES_ROOT\CLSID\{98641F47-8C25-4936-BEE4-C2CE1298969D}
\DefaultIcon] @="%SystemRoot%\\\\System32\\\\nusrmgr.cpl,1"
[HKEY_CLASSES_ROOT\CLSID\{98641F47-8C25-4936-BEE4-C2CE1298969D}
\Shell\Open\command] @="Control Userpasswords2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
ControlPanel\NameSpace\{98641F47-8C25-4936-BEE4-C2CE1298969D}] @="Add Userpasswords2 to Control Panel"
b- Save the file as “AddUserPasswords2ToCP.reg”. Open or double click that file and press „OK‟ button 2 times. c- The go to control panel and see the icon “User Accounts Admin”. Ok this is done.
Adding more commands to the Context Menu of My Computer:
Registry Tweaks (Paste the following text (in red) into a text file and save as “commands.reg” and double click to add into the registry.):
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell] @="none"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Add/Remove Programs]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Add/Remove Programs\command] @="control appwiz.cpl,,0"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Add/Remove Windows Components]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Add/Remove Windows Components\command] @="control appwiz.cpl,,2"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Calculator]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Calculator\command] @="calc"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Clean Drive]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Clean Drive\command] @="cleanmgr"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Control Panel]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Control Panel\command] @="control"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\DOS Prompt]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\DOS Prompt\command] @="cmd.exe"
bcdalai's Free Tech. Support Blog: [http://bcdalai.blogspot.com]
8
© 2004-2010, bcdalai
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Edit Registry]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Edit Registry\command] @="regedit.exe"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find] @=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,\ 48,00,45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,38,\ 00,35,00,30,00,33,00,00,00
"SuppressionPolicy"=dword:00000080
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find\command] @=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\ 65,00,00,00
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find\ddeexec] @="[FindFolder(\"%l\", %I)]"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find\ddeexec\application] @="Folders"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find\ddeexec\topic] @="AppProperties"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Logoff]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Logoff\command] @="shutdown -l -f -t 3"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Manage] @=hex(2):40,00,25,00,77,00,69,00,6e,00,64,00,69,00,72,00,25,00,5c,00,73,00,79,\
00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,79,00,63,00,6f,00,6d,00,\ 70,00,75,00,74,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,34,00,30,00,30,00,00,\ 00
"SuppressionPolicy"=dword:4000003c [HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Manage\command] @=hex(2):25,00,77,00,69,00,6e,00,64,00,69,00,72,00,25,00,5c,00,73,00,79,00,73,\
00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,6d,00,63,00,2e,00,65,00,78,00,\ 65,00,20,00,2f,00,73,00,20,00,25,00,77,00,69,00,6e,00,64,00,69,00,72,00,25,\ 00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,63,00,6f,00,\ 6d,00,70,00,6d,00,67,00,6d,00,74,00,2e,00,6d,00,73,00,63,00,00,00
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Quit Windows]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Quit Windows\command] @="shutdown -s -f -t 3"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Reboot]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Reboot\command] @="shutdown -r -f -t 3"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Security Center]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Security Center\command] @="control wscui.cpl"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Set Program Access and Defaults]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Set Program Access and Defaults\command] @="control appwiz.cpl,,3"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\System Restore]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\System Restore\command] @="\\windows\\system32\\restore\\rstrui.exe"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\User Accounts Admin]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\User Accounts Admin\command] @="Control Userpasswords2"
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder] "HideOnDesktopPerUser"="1"
Thank You