Or regedit from the command line needs /i with /s (and the location of the .reg file)
2009/3/23 Paul Everett <evere...@leementalhealth.org> > Thanks Ben. > #1 worked great! > #4 the reg entry was made. An XP Pro disk opens just showing the contents > of the disk. Is there a switch for this script to ignore (or don't > overwrite) if the entry is already there so my login script doesn't stop and > wait for user input? > > > -----Original Message----- > From: Ben Scott [mailto:mailvor...@gmail.com] > Sent: Monday, March 23, 2009 10:45 AM > To: NT System Admin Issues > Subject: Re: April 1st Conflicker Version C to erupt > > On Mon, Mar 23, 2009 at 9:04 AM, Paul Everett > <evere...@leementalhealth.org> wrote: > > 1. Is there a way (script or GP) to take "domain users" out of the > > local admin group? > > In addition to other suggestions, you could always do: > > NET LOCALGROUP Administrators "%YourDomain%\Domain Users" /DELETE > > Put that in your logon script. If "Domain Users" has local admin > rights, then it will succeed, and remove "Domain Users" for future > logons. If it's already been done, it will fail harmlessly. > > > 4. How do I do the INI redirection trick? > > It works by redirecting AUTORUN.INF to a non-existent registry > location. That will make Windows completely ignore the AUTORUN.INF > file on any disk. It involves a single registry key and value: > > Hive: HKEY_LOCAL_MACHINE > Key: SOFTWARE\Microsoft\Windows > NT\CurrentVersion\IniFileMapping\Autorun.inf > Default value:"@SYS:DoesNotExist" > > If you put the following in a .REG file, you can import it using REGEDIT: > > REGEDIT4 > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows > NT\CurrentVersion\IniFileMapping\Autorun.inf] > @="@SYS:DoesNotExist" > > Or, you can use the REG command (all on one line): > > REG ADD "HKLM\SOFTWARE\Microsoft\Windows > NT\CurrentVersion\IniFileMapping\Autorun.inf" /ve /t REG_SZ /d > "@SYS:DoesNotExist" > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
