1. Disable the windows key => HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ KeyboardLayout
create a new binary file with a name Scandode Map0000 00 00 00 00 00 00 00 030008 03 00 00 00 00 00 5B E00010 00 00 5C E0 00 00 00 0300182. Disabling menu search => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorercreate a DWORD named NoFind file, change the value to 1
3. Hiding run => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ ExplorerNoRun DWORD with the name of the file, change the value to 1
4. Setting the hidden file system => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanceda new DWORD value named Hidden, change the value to 1
5. Set the file extension hidden => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanceda new DWORD value named HideFileExt, change the value to 1
6. Hiding the folder options => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ ExplorerDWORD value named NoFolderOptions, change the value to 1
7. Prevent access to drives C => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ ExplorerDWORD value named NoViewOnDrive, change the value to 4
8. Men-Disable command prompt => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Microsoft \ Windows \ SystemDWORD value named DisableCMD, the value to 2
9. Prevent access to Regedit => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ SystemDisableRegistryTools DWORD value with the name, the value to 1
10. Preventing access to Task Manager => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ SystemDWORD value named DisableTaskMgr, the value to 1
11. Eliminate the ShutDown button => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ ExplorerNoClose DWORD value with name, change the value to 1
12. Hidden All Programs from the Start Menu => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ ExplorerNoStartMenuMorePrograms DWORD value with name, change the value to 1
13. Start up AplikasiRuns => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Runnew String value named anything what, then change the value with the path or file nameto be run.
14. Automatic Logon Startup => HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows_NT \ CurrentVersion \ Winlogonnew String value named AutoAdminLogon, change the value to 1
15. Restrict certain programs => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorera new DWORD value named DisallowRun, change the value to 1a new key named DisallowRun, for example want to restrict Regedit create the value string with the name 1, and values with the path
16. Ignoring changes in settings => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorera new DWORD value named NoSaveSetting, change the value to 1
17. Removing traces username => HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Systemdouble click on Don'tdisplaylastusername, change the value to 1
18. Creating an account is hidden => HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ Userlista new DWORD value with anything what name, and change the value to 0 to hide
19. Manipulating the minimum password length => HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ NetworkThe new binary value named MinPwdLenTo determine the number of password at least write down the password length after 0000eg, a password at least 9 characters, then write 09 0000
20. Removing Icons Control Panel => HKEY_CURRENT_USER \ ControlPanel \ don'tloadcreate a string value based on the following dataAccess.cpl = Accessbility OptionHdwwiz.cpl = Add HardwareAppwiz.cpl = Add / remove programsConsole.cpl = ConsoleTimedate.cpl = Date and timeDesk.cpl = DisplayFax.cpl = FaxInetcpl.cpl = Internet OptionsJoy.cpl = Game ControllersLiccpa.cpl = LicensingMain.cpl = MaouseMlcfg32.cpl = MailModem.cpl = Modem and PhoneNcpa.cpl = Network ConnectionsNetcpl.cpl = Network and dialup connectivityNwc.cpl = Netware clientOdbccp32.cpl = ODBC ConnectionDevapps.cpl = PC CardPorts.cpl = PortsTelephone.cpl = Phone and Modem OptionsPowercfg.cpl = Power OptionIntl.cpl = Regional and languageSticpl.cpl = Scanner and CamerSrvmgr.cpl = Server ManagerMmsys.cpl = Sound and audio devicesSapi.cpl = Speech PropertiesSysdm.cpl = SystemTweakyui = TweakUINusmgr.cpl = User Accountirprops.cpl = Wireless LinkWspcpl32.cpl = WSP ClientAdobe Gamma.cpl = Adobe GammaCpqmgmt.cpl = Compaq Insght Agentlgfxcpl.cpl = Inter Graphics TechnologyJpicpl32.cpl = Java pluginlightFrame.cpl = LightframeNmo.cpl = Nokia modem optionsMclconf.cpl = Nokia Connection managerS32LUCP1.cpl = Norton Live UpdateQuictime.cpl = QuickTimeAvscpa.cpl = Virus Scan
System options eg want to remove, then create the value string with the name sysdm.cpl and change the value to No.
21. Menonaktfifkan Active Desktop => HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ ExplorerNoActiveDesktop binary value with the name, value data as:0000 01 00 00 00
22. Access Lock Floppy Drive => HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ WinlogonAllocateFloppies string value with the name, change the value to 0 to hide the TSB account
23. Removing Shared Documents =>delete subykey {59031a47-3f72-44a7-89c5-5595fe6b30ee}
24. Disable writing in the flash => [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ StorageDevicePolicies]"WriteProtect" = dword: 00000001
Hacking the Registry with Batch FileBasic commands- REG ADD- REG DELETE- REG COPY- REG SAVE- REG LOAD- REG unload- REG QUERY- REG Compare- REG EXPORT- REG IMPORT
Code Structure
1. REG ADDREG ADD KeyName [/ v Value Name] [/ tType] [/ d Data] [/ f]Example syntax: Disabling Menu SearchREG ADD HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer / v NoFind / t REG_DWORD / d 1 / f
Keyname => is the name of the key that will be targeted. Rootkey should be abbreviatedAbbreviations Rootkey- HKEY_CLASSES_ROOT => HKCR- HKEY_CURRENT_USER => HKCU- HKEY_LOCAL_MACHINE => HKLM- HKEY_USERS => HKU- HKEY_CURRENT_CONFIG => HKCC
Value to the registry => Used to add the name value to the registryType Value In Registry- String Value => REG_SZ- DWORD Value => REG_DWORD- Binary Value => REG_BINARYData => Used to determine the value of value/ F => Used to ignore the overwrite command, if there is a value or the same key
2. REG DELETE=> To remove the registry value specifiedREG DELETE KeyName [/ v Value Name | / va] / f[/ V Value Name | / va] => Used to delete the value, or by using the / va delete all values
3. REG COPYREG COPY keyname keyname 1 2 [/ s] [/ f]/ S command to copy all the keys along with keys that are insid
0 comments:
Post a Comment