To guard against viruses, hackers and friends who like to play tricks, we have to keep important or private information from being exposed. Here we go through some examples where the registry plays a protective role.
●Fight against the destruction of BackDoor:
If your computer is online, there is a potential danger of being hacked. There is a backdoor program called BackDoor that specifically picks vulnerabilities in the system to attack. We can modify the registry to stop it. Open the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run subkey branch and delete the "Notepad" value in the right window.
●Disable display of hidden files through "Folder Options":
Using the hidden-files setting in "Folder Options" to protect files is unreliable, since any user can see hidden files by selecting "Show all files". After this registry change, it will no longer be so easy for others to see hidden files. Open the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL subkey branch and change the value of CheckedValue in the right window to 0. In this way, even if "Show all files" is selected in "Folder Options", the hidden files will not be displayed.
●Block network access function to floppy disk:
Besides spreading over the Internet, many computer viruses spread through floppy disks. Therefore, blocking access to floppy disks can effectively improve the security of the system. Open the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon subkey branch in the registry, and change the AllocateFloppies DWORD value in the right window to 1.
●Fight against WinNuke hacker programs' attacks on computers:
WinNuke is a highly destructive program that can bring down the Windows XP system on your computer and paralyze the entire machine. You can prevent WinNuke's attacks through the registry. Open HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Vxd\MSTCP, create a new DWORD value in the right window, name it "BSDUrgent", and set it to 0.
●Prohibit users from locking the computer:
In the Windows Security window, which appears when the user presses the Ctrl+Alt+Del key combination, the user can click "Lock Computer", after which the computer cannot be used until the user password is typed to unlock it. Modifying the registry can prevent users from locking the computer. Open the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System subkey branch, create a new DWORD value "DisableLockWorkstation" in the right window, and set it to 1.
●Disable viewing the contents of the specified disk drive:
If important data is stored on a disk drive and you do not want users to view the drive's contents, you can prohibit viewing it: open the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer subkey branch in the registry editor and create a new DWORD value "NoViewOnDrive" in the right window. Bits 0 (the lowest bit) through 25 of the value represent drive A to drive Z respectively. For example, to prohibit the user from using floppy drive A, floppy drive B and drive D, set the value to "0000000B" (bits 0, 1, and 3 are 1, and binary 1011 is hexadecimal B); the change takes effect after a restart. In "My Computer", drives A, B, and D still appear, but double-clicking them pops up a message box informing the user that this operation cannot be performed. Applications can still access the prohibited drives, and their icons still appear in "My Computer" and "Explorer".
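The bit layout described above, as an added example that is not part of the original page: it builds the NoViewOnDrive value from a list of drive letters and decodes an existing value back into letters, generalizing the A, B, D case to any set of drives. The function names are hypothetical.

```python
import string

def drives_to_mask(letters):
    """Return the NoViewOnDrive DWORD for the given drives (A = bit 0 ... Z = bit 25)."""
    mask = 0
    for item in letters:
        letter = item.upper().rstrip(":\\")   # accept "a", "A:" or "A:\"
        if len(letter) != 1 or letter not in string.ascii_uppercase:
            raise ValueError(f"not a drive letter: {item!r}")
        mask |= 1 << (ord(letter) - ord("A"))
    return mask

def mask_to_drives(mask):
    """Return the drive letters whose bits are set in a NoViewOnDrive DWORD."""
    if not 0 <= mask < (1 << 26):
        raise ValueError("only bits 0-25 map to drives A-Z")
    return [chr(ord("A") + bit) for bit in range(26) if (mask >> bit) & 1]

def as_dword_text(mask):
    """Format the mask as the 8-digit hexadecimal string entered in the registry editor."""
    return f"{mask:08X}"

if __name__ == "__main__":
    blocked = drives_to_mask(["A", "B", "D"])        # the case worked through in the text
    print(as_dword_text(blocked), mask_to_drives(blocked))
    print(as_dword_text(drives_to_mask(string.ascii_uppercase)))  # every drive A-Z
```

Decoding is the useful direction when reviewing a machine: it shows which drives a value found under the Policies\Explorer key actually restricts.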
●Disable running command interpreter and batch files:
By modifying the Windows XP registry, users can be prohibited from using the command interpreter and from running batch files (.bat files): open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System subkey branch in the registry editor, create a new DWORD value "DisableCMD" in the right window, and set it to 2. In this way, neither the command interpreter nor batch files can run. If the value is set to 1, only the command interpreter is prohibited.
●Prohibit users from changing passwords:
In the Windows Security window, which appears when the user presses the Ctrl+Alt+Del key combination, the user can click "Change Password" to change the user password. We can prohibit users from changing passwords through the registry: open the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System subkey branch, create a new DWORD value in the right window, name it "DisableChangePassword", and set it to 1. The "Change Password" button in the Windows XP security window is then disabled and the user cannot change the password.
●Disable changing temporary file settings:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "Cache", and set it to 1.
●Disable changing the history settings:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "History", and set it to 1.
●Disable security options:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "SecurityTab", and set it to 1.
●Disable content options:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "ContentTab", and set it to 1.
●Disable the automatic completion function of the form:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "FormSuggest", and set it to 1.
●Disable saving passwords through automatic completion:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "FormSuggestPasswords", and set it to 1.
●Disable changing advanced page settings:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "Advanced", and set it to 1.
●Disable caching of automatic proxy scripts:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings subkey branch, create a new DWORD value in the right window, name it "EnableAutoProxyResultCache", and set it to 0.
●Disable Change Default Browser Check:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "Check_If_Default", and set it to 1.
●Disable the “Reset Web Settings” function:
Open the HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel subkey branch, create a new DWORD value in the right window, name it "ResetWebSettings", and set it to 1.
●Use the registry to unlock the "Disc Bodyguard":
"Disc Bodyguard" can, to a certain extent, prevent the use of unconfirmed discs, but what should you do if you need software from an unconfirmed disc and do not know the unlock password? Taking "Disc Bodyguard" version 1.23 as an example, we can use the registry to unlock it permanently. Open the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run subkey branch, delete the "CDBB" value in the right window, and restart the computer to unlock it permanently.
●Extra restrictions on anonymous connections:
Open the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa subkey branch and create a new DWORD value "RestrictAnonymo" in the right window. This value is usually used to restrict IPC$ empty connections. If its value is set to 0, it is not appropriate to use the default permissions. If 1, SAM accounts and sharing are not allowed. If 2, it will not be accessible without specifying anonymous permission.
●Clear virtual memory when shutting down:
Open the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory subkey branch in the registry editor, create a new DWORD value "ClearPageFileAtShutdown" in the right window, and set it to 1. However, be aware that doing so will significantly increase the shutdown time.
●Enable automatic logout of users:
Open the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters subkey branch, create a new DWORD value "EnableForcedLogOff" in the right window, and set it to 1.
●Send an unencrypted password to connect to a third-party SMB server:
Open the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters subkey branch, create a new DWORD value "EnablePlainTextPassword" in the right window, and set it to 1.
●Always digitally encrypt or sign the secure channel data:
Open the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters subkey branch, create a new DWORD value "RequireSignOrSeal" in the right window, and set it to 1.
●Enable a strong session key:
Open the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters subkey branch, create a new DWORD value "RequireStrongKey" in the right window, and set it to 1.
●Do not display the last logged in username on the screen:
Open the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System subkey branch, create a new DWORD value "DontDisplayLastUserName" in the right window, and set it to 1.
●Set local login users to access CD-ROM:
Open the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon subkey branch, create a new DWORD value "AllocateCDRoms" in the right window, and set it to 1. If "AllocateFloppies" is set instead, it means that only local users can access the floppy drive.
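One way to confirm that DWORD settings like the ones above were actually applied is to check an exported .reg file against them. This is an added example, not part of the original page: the baseline lists four of the page's settings, the export text is constructed, and the function names are hypothetical.

```python
import re

SVC = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"
# (key path, value name, DWORD) for four settings taken from this page.
BASELINE = [
    (SVC + r"\Netlogon\Parameters", "RequireSignOrSeal", 1),
    (SVC + r"\Netlogon\Parameters", "RequireStrongKey", 1),
    (SVC + r"\LanManServer\Parameters", "EnableForcedLogOff", 1),
    (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion"
     r"\Explorer\Advanced\Folder\Hidden\SHOWALL", "CheckedValue", 0),
]

# Constructed sample in the text format written by the registry editor's export.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"RequireSignOrSeal"=dword:00000001
"RequireStrongKey"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters]
"enableforcedlogoff"=dword:00000001
"NullSessionPipes"=hex(7):00,00
'''

def parse_dwords(text):
    """Map (key, value name), both lower-cased, to each DWORD in a .reg export."""
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()   # registry key names are case-insensitive
        elif key and (m := re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)):
            values[(key, m.group(1).lower())] = int(m.group(2), 16)
    return values

def audit(text, baseline=BASELINE):
    """Return (value name, status, value found) for every baseline entry."""
    found = parse_dwords(text)
    report = []
    for key, name, want in baseline:
        got = found.get((key.lower(), name.lower()))
        status = "ok" if got == want else "missing" if got is None else "mismatch"
        report.append((name, status, got))
    return report

if __name__ == "__main__":
    for row in audit(SAMPLE_EXPORT):
        print(row)
```

Exports saved by the registry editor are normally UTF-16, so decode the file with that encoding before passing its text to `audit`.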