Aug 6, 2008

Security / Privacy Related

Disabling Ctrl+Alt+Del
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DisableCAD"=dword:00000001

Disable Registry Editing Tools
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001

;0=default, 1=admin only, 2=disabled
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer]
"DisableMSI"=dword:00000002

Disable the Ability to Right Click on the Desktop
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoViewContextMenu"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoViewContextMenu"=dword:00000001

Change the Logon Window to Classic
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LogonType"=dword:00000000

Hide the Last User Name
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DontDisplayLastUserName"=dword:00000001

Legal Notice Dialog Box Before Logon
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption"="Type the caption for your message here"
"LegalNoticeText"="Type your message here"

Show Administrator on the Welcome Screen
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
"Administrator"=dword:00000001

Disable the Auto Logon Shift Override Feature
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"IgnoreShiftOverride"="1"

Hide Usernames from the Logon Screen
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
"Name of a user"=dword:00000000
"Name of another user"=dword:00000000
"Name of third user"=dword:00000000

Disable the Windows Key
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\
00,00,00,00

Disable Windows Script Host
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings]
Enable"=dword:00000000

Disable Windows File Protection (WFP) (to enable, change to 0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Add]
"SFCDisable"=dword:FFFFFF9D

Posted by Kushwahaji at 9:36:00 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)