## Turn off CTRL + ALT + DEL at login prompt Windows 10

If your computer still requires you to press CTRL ALT DEL upon login, this simple guide will teach you how to disable it. Note that this will require administrator access and it might not work on Windows Home editions as it requires to modify local group policies.

• Open gpedit.msc
• Browse to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options
• Locate the policy called “Interactive logon: Do not require CTRL+ALT+DEL
• Doubleclick the policy and set it to Enabled
• Exit

Starting from your next restart, you should no longer be required to press CTRL+ALT+DEL at the Windows login prompt.

If you’re running on older Windows version the policy might be called “Disable CTRL+ALT+DEL requirement for logon

## Managing WiFi profiles in Windows 10

Windows 10 removed the ability to list saved WiFi profiles in the Network and Sharing Center, so now we have to resort to the CLI.

To list all existing profiles (WLAN networks you’ve connected to in the past):

netsh wlan show profiles

To remove a network from your cache:

netsh wlan delete profile name="SSID"

Replace SSID with the profile/network you wish to delete.

## How to debug a non starting application with ProcMon

I just had to install some old legacy software on a new Windows 10 computer. Vendor says it “should work”, but apparantly not without some challenges.

Fast forward ten minutes. Application installed successfully. A couple dll error messages during the setup but I happily ignored those and went on my way.

I cross my fingers and start the application…. nothing happens. Try again. Reboot. Still nothing. Login as local administrator account and reinstall software. Nothing. Start in compatibility mode for XP and set to 256 colors… nothing. Run as admin. Nothing works, you know the drill.

So naturally our next point is to either give up or go all in and fire up ProcessMonitor. Unfortunately we really needed this to work so ProcMon it is.

1) First of we have to set up some filters. Click on the Filter button as showed in the picture below:

2) Set the Process Name == executable filename.exe and Result != SUCCESS. Leave the default filters as they are.

3) Now clear the log for good measure and start the troubling application. ProcMon will now be populated with every single failed event processed by the application.

In the picture above I started to notice a pattern with .NET framework. Then I remembered we had some other software which required .NET framework 3.5, and that’s not easily available on Windows 10. So the next thing I did was to install .NET framework 3.5 and the application worked!!

See this other post for .NET 3.5 install instructions:

How to install .NET Framework 3.5 on Windows 10

## Create a cmd alias/shortcut for issuing commands on remote computer

Before we begin, you must:

1) Open your text editor of choice and paste the following code:

C:\path\to\PSTools\PsExec.exe \\%1 cmd /c %2

Correct the path for PsExec.exe. Save it as rce.bat in the %windir%\system32 folder. If not permitted, save it elsewhere and copy it into the system32 folder manually (will probably show UAC prompt).

Fun fact: RCE is short for Remote Code Execution, typically the holy grail of vulnerability exploits

2) Actually there’s no more steps, you’re done.

Lets try it out. Open cmd.exe and run the following command:

rce computername ipconfig

Note that if the command uses several separated words, you must enclose it with ” ”

rce computername "net stats workstation"

You might also be interested in this other article showing you how to make a sudo-like command for opening an elevated command prompt:

Create a su command for Windows Command Prompt

## Telnet alternative to check if port is open on host

Many people still use telnet (client) for checking if port is open on remote host.
The Powershell cmdlet Test-NetConnection is the new and improved tool for this and by creating a function alias in your profile settings you can have it easily available at any time without remembering the syntax.

1) Open Powershell profile
notepad $profile 2) Add script function open([string]$arg1, [int]$arg2) {  Test-NetConnection -ComputerName$arg1 -Port \$arg2 -InformationLevel Detailed
}

3) Save file and close/reopen the Powershell window

4) Test it in your powershell prompt by writing open google.com 80

## Change Resize Mode for all VMs in RoyalTS 4

I just spent a ridiculous amount of time figuring out how to change default “Resize mode” for all VMs because it was too much work do it for every single RDP/VM connection. Old google results came up with various ways for setting a global setting, but it was nowhere to be found in RoyalTS version 4. So here’s another solution:

1) Open the folder in Dashboard view

2) Mark all of the VMs (CTRL+A if you will)

3) Right-click and choose Properties

4) Go to Display Options -> Bulk Edit -> Resize Mode

The Resize mode is now unlocked and will be changed for all the selected VMs

That’s it

## Finding the source for locked AD account from Event Viewer log on Domain controller

It’s actually really simple, but you’ll need administrator access on the domain controller in order to read the security event log so you might have to consult upper sys admins.

It seems to not want to filter/sort by username though so if you’re managing a huge enterprise with thousands of users this could be a bit tedious. On the other side, if that’s the case I suppose you already have better tools for the job.

Anyway, all invalid login attempts are logged as event id 4776 (Credential Validation).

1. Open Event Viewer and connect to domain controller
2. Go to Windows Logs -> Security
3. Click on Filter Current Log... in the right navigation menu
4. Enter 4776 into the input field which says <All Event IDs>
5. Browse through the invalid login attempts till you find the one which belongs to your user and look in the description text field where it says “Source Workstation:    hostname”

## NiceHash hacked?

NiceHash has been down since this morning and people are beginning to go crazy. Rumours regarding a possible hacking incident has been increasing on /r/NiceHash after they noticed a bitcoin wallet has received over 4700 BTC from one of NiceHash’ wallets.

NiceHash reports on their twitter account they are down for maintenance. No official statement regarding the hacking accusations have been addressed so far.