group policy and programs reroute registry run amok
[QUOTE="Dreadcaller, post: 679548, member: 66009"]
Sunday, September 24, 2017 7:46:18 PM
Administrative privileged user logged on.
Parsing template C:\Windows\inf\defltbase.inf.
----Configuration engine was initialized successfully.----

----Reading Configuration Template info...

----Configure User Rights...
SeImpersonatePrivilege must be assigned to administrators. This setting is adjusted.
SeImpersonatePrivilege must be assigned to SERVICE. This setting is adjusted.
Configure S-1-5-32-546.
  remove SeInteractiveLogonRight.
Configure S-1-5-32-547.
  remove SeNetworkLogonRight.
  remove SeSystemtimePrivilege.
  remove SeRemoteShutdownPrivilege.
  remove SeIncreaseBasePriorityPrivilege.
  remove SeInteractiveLogonRight.
  remove SeProfileSingleProcessPrivilege.
  remove SeShutdownPrivilege.
  remove SeRemoteInteractiveLogonRight.
Configure S-1-5-32-581.
  remove SeNetworkLogonRight.
  remove SeChangeNotifyPrivilege.
  remove SeInteractiveLogonRight.
  remove SeIncreaseWorkingSetPrivilege.
  remove SeTimeZonePrivilege.
Configure S-1-5-19.
  remove SeIncreaseWorkingSetPrivilege.
Configure S-1-5-20.
Configure S-1-5-32-544.
  add SeRemoteInteractiveLogonRight.
  remove SeIncreaseWorkingSetPrivilege.
Configure S-1-5-32-551.
  add SeNetworkLogonRight.
  add SeChangeNotifyPrivilege.
  add SeBatchLogonRight.
Configure S-1-5-32-559.
  add SeBatchLogonRight.
Configure S-1-5-32-545.
  add SeUndockPrivilege.
  add SeTimeZonePrivilege.
Configure S-1-1-0.
  remove SeInteractiveLogonRight.
  remove SeShutdownPrivilege.
  remove SeRemoteInteractiveLogonRight.
Configure S-1-5-6.
Configure S-1-5-21-1581074486-2788444649-3155340798-501.
  add SeInteractiveLogonRight.
  add SeDenyNetworkLogonRight.
  add SeDenyInteractiveLogonRight.
Configure S-1-5-90-0.
  add SeIncreaseBasePriorityPrivilege.
Configure S-1-5-32-555.
  add SeRemoteInteractiveLogonRight.
Configure S-1-5-80-0.
  add SeServiceLogonRight.
Configure S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420.
  add SeSystemProfilePrivilege.

User Rights configuration was completed successfully.

----Configure Group Membership...
Configure Users.
  add INTERACTIVE.
  add Authenticated Users.

Group Membership configuration was completed successfully.

----Configure Registry Keys...

Configuration of Registry Keys was completed successfully.

----Configure File Security...

File Security configuration was completed successfully.

----Configure Security Policy...
Configure password information.
Administrator account is disabled.
Guest account is disabled.

System Access configuration was completed successfully.
LSA anonymous lookup names setting : existing SD = D:(A;;0xf1fff;;;BA)(A;;0x20801;;;WD)(A;;0x801;;;AN)(A;;0x1000;;;LS)(A;;0x1000;;;NS)(A;;0x1000;;;S-1-5-17)(A;;0x801;;;AC)(A;;0x801;;;S-1-15-2-2).
LSA anonymous lookup names setting : computed SD = D:(D;;0x800;;;AN)(A;;0xf1fff;;;BA)(A;;0x20801;;;WD)(A;;0x801;;;AN)(A;;0x1000;;;LS)(A;;0x1000;;;NS)(A;;0x1000;;;S-1-5-17)(A;;0x801;;;AC)(A;;0x801;;;S-1-15-2-2).
Configure LSA anonymous lookup setting.
Configure machine\software\microsoft\windows nt\currentversion\setup\recoveryconsole\securitylevel.
Configure machine\software\microsoft\windows nt\currentversion\setup\recoveryconsole\setcommand.
Configure machine\software\microsoft\windows nt\currentversion\winlogon\scremoveoption.
Configure machine\software\microsoft\windows\currentversion\policies\system\dontdisplaylastusername.
Configure machine\software\microsoft\windows\currentversion\policies\system\legalnoticecaption.
Configure machine\software\microsoft\windows\currentversion\policies\system\legalnoticetext.
Configure machine\software\microsoft\windows\currentversion\policies\system\scforceoption.
Configure machine\software\microsoft\windows\currentversion\policies\system\shutdownwithoutlogon.
Configure machine\software\microsoft\windows\currentversion\policies\system\undockwithoutlogon.
Configure machine\software\policies\microsoft\windows\safer\codeidentifiers\authenticodeenabled.
Configure machine\system\currentcontrolset\control\lsa\auditbaseobjects.
Configure machine\system\currentcontrolset\control\lsa\crashonauditfail.
Configure machine\system\currentcontrolset\control\lsa\disabledomaincreds.
Configure machine\system\currentcontrolset\control\lsa\everyoneincludesanonymous.
Configure machine\system\currentcontrolset\control\lsa\fipsalgorithmpolicy\enabled.
Configure machine\system\currentcontrolset\control\lsa\forceguest.
Configure machine\system\currentcontrolset\control\lsa\fullprivilegeauditing.
Configure machine\system\currentcontrolset\control\lsa\nolmhash.
Configure machine\system\currentcontrolset\control\lsa\restrictanonymous.
Configure machine\system\currentcontrolset\control\lsa\restrictanonymoussam.
Configure machine\system\currentcontrolset\control\print\providers\lanman print services\servers\addprinterdrivers.
Configure machine\system\currentcontrolset\control\session manager\kernel\obcaseinsensitive.
Configure machine\system\currentcontrolset\control\session manager\memory management\clearpagefileatshutdown.
Configure machine\system\currentcontrolset\control\session manager\protectionmode.
Configure machine\system\currentcontrolset\services\lanmanserver\parameters\autodisconnect.
Configure machine\system\currentcontrolset\services\lanmanserver\parameters\enableforcedlogoff.
Configure machine\system\currentcontrolset\services\lanmanserver\parameters\enablesecuritysignature.
Configure machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionpipes.
Configure machine\system\currentcontrolset\services\lanmanserver\parameters\requiresecuritysignature.
Configure machine\system\currentcontrolset\services\lanmanserver\parameters\restrictnullsessaccess.
Configure machine\system\currentcontrolset\services\lanmanworkstation\parameters\enableplaintextpassword.
Configure machine\system\currentcontrolset\services\lanmanworkstation\parameters\enablesecuritysignature.
Configure machine\system\currentcontrolset\services\lanmanworkstation\parameters\requiresecuritysignature.
Configure machine\system\currentcontrolset\services\ldap\ldapclientintegrity.

Configuration of Registry Values was completed successfully.
Configure log settings.

Audit/Log configuration was completed successfully.

----Configure available attachment engines...

Configuration of attachment engines was completed successfully.

----Un-initialize configuration engine...
[/QUOTE]