Definition:In simple terms "Registry is a hierarchial database where you can store information related to hardware ,System software(operating system),application software,system preferences and user preferences."
The hierarchial organisation of the database is divided into machine information,user information and software information.When the system starts it looks in the registry for the configuration settings of hardware and software installed.Its organisation depicts the directory-subdirectory concept in windows explorer. The registry is divided into six main divisions called HIVES which are inturn divided into keys and subkeys which contain values where information about software,hardware and users is stored.
The values are divided into 3 types they are DWORD,BINARY,STRING based on the usage.
DWORD is used for storing binary values where you can store list of values.Each value leads to different behaviour of OS,HARDWARE,APPLICATION SOFTWARE.String is used for human readable format.While BINARYis for storing raw data in hexadecimal format which contains hardware settings.
As i have already told the registry is primarly divided into SIX Hives.Each have its own name and function.
HKEY_CLASSES_ROOT(HKCR) contains all the information related to windows user interface,shortcuts,settings for drag and drop functionality and OLE(Object linking and embedding ).
HKEY_CURRENT _USER(HKCU) contain all the info related to current user logged into that system and his settings.
HKEY_LOCAL _MACHINE (HKLM) contains all information related to hardware,software and preferences which are common to all users who logged into the system.
HKEY_USERS(HKU) contains information related to specific preferences of individual users based on their unique security identifier called SID.
HKEY_CURRENT _CONFIG contains information which is gathered while the computer gets booted up.This information is regenerated everytime the computer bootsup.
Playing safe:-
Before making any changes to the Registry remember to back it up.We can backup entire Registry or specific keys which we wish to change.To backup the entire Registry the safest method is going to the backup utility ALL PROGRAMS>ACCESSORIES>SYSTEM TOOLS>BACKUP select the checkbox that says "System State Data" this will backup the registry as well as boot files.
from the tools menu .Click on Start Restore u will get a warning just ignore that by clicking ok .Now restart the computer for the changes to take effect.Now to export a single select the key or subkey u wish to take backup now choose FILE>EXPORT .In the dialog box select the location where u wanna save it.Select the "Selected Branch" option.Save the file with .reg extension .Now to restore this particular individual key double click on the key that u have created.
Now am going to tell u some restrictions that can be made using Registry using Regedit .If you want to remove the restriction, then simply delete the DWORD value or set its value to 0
Restrict Taskbar properties
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value called NoSetTaskbar and set its value to 1
Restrict Display properties
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System
create DWORD value NoDispCpl and set its value to 1
Restrict Folder options
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value NoSetTaskbar and set its value to 1
Restrict Locking/Unlocking the taskbar
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value LockTaskbar and set its value to 1
Restrict adding or deleting items from Toolbars
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value NoToolbarCustomize and set its value to 1
Restrict adding or deleting Toolbars
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value NoBandCustomize and set its value to 1
Restrict right click in start menu
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value NoChangeStartMenu and set its value to 1
Restrict Desktop cleanup wizard in start menu
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value NoDesktopCleanupWizard and set its value to 1
Restrict Taskbar context menu
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
create DWORD value NoTrayContextMenu and set its value to 1
Restrict Registry editor
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System
create DWORD value DisableRegistryTools and set its value to 1
Restrict Taskmanager
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System
create DWORD value DisableTaskMgr and set its value to 1
Restrict writing to USB drives
HKEY_LOCAL_MACHINE\SYSTEM\Current Control Set\Control\StorageDevicePolicies
create DWORD value WriteProtect and set its value to 1
Restrict New option in context menu
HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenu Handlers\New
delete this entry present in the new or change its value to 0
Restrict SendTo in context menu
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenu Handlers\Send To
Delete the Default value
Restrict Drives in MyComputer
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
In right-side pane, create a new DWORD value NoViewOnDrive and change its value as following:
3 : To Restrict A and B drives only.
4 : To Restrict C drive only.
7 : To Restrict A, B, and C drives only.
8 : To Restrict D drive only.
F : To Restrict A, B, C, and D drives only.
03FFFFFF : To Restrict all drives.
If u have other drive letters such as e,fgh.........
Use the following decimal numbers instead of Hexadecimal numbers
A: 1
B: 2
C: 4
D: 8
E: 16
F: 32
G: 64
H: 128
I: 256
J: 512
K: 1024
L: 2048
M: 4096
N: 8192
O: 16384
P: 32768
Q: 65536
R: 131072
S: 262144
T: 524288
U: 1048576
V: 2097152
W: 4194304
X: 8388608
Y: 16777216
Z: 33554432
ALL: 67108863
If u want to use more than one drive sum their corresponding numbers in the above list to hide for example if u wanna use F,G drives sum their corresponding numbers such as 32+64=96 now give the value 96 to the dword.
Restrict ControlPanel
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
Create DWORD value NoControlPanel and set its value to 1
0 comments:
Post a Comment