Re: Locking the registry

From: sabot (P_Olson_Sr_at_yahoo.com)
Date: 01/06/05 

Date: Thu, 6 Jan 2005 07:05:02 -0800

Thanks Colin, excellent tool. I have reset the registry keys, don't know how
everyone got full permissions on RUN as the rights are inherited and the keys
higher up don't have those permissions. I have a couple of older programs on
that computer that are unhappy with a less than admin account privs. Mark and
Steve, I do have Spybot and HiJackthis installed as well as Symantecs, and
popups blocked but every week, despite closing every pop up that gets through
with the upper right X rather than the command buttons, for as you know those
can be switched, or the text in the popup purposely misleading (to NOT enjoy
this wonderful software click NO).. I end up digging through the registry to
remove this junk. The good news is that the computers connecting BEHIND this
multi-homed machine are so far unaffected, although their IE is so locked
down every visited web page it seems creates a "are you sure..." popup!.

"Colin Nash [MVP]" wrote:

> If you run with an account that is not a member of Administrators or Power
> Users, you should get exactly what you are looking for (well, there would be
> no prompts, but access would be denied.) Of course, this may introduce
> compatibility problems with poorly written apps and frustrate you when you
> try to legitimately change system settings, but that's the trade-off. The
> "Run As" feature may help...
> http://support.microsoft.com/default.aspx?kbid=294676
>
> It's not normal for Everyone to have the ability to write to those areas of
> the registry. Are you sure that's what your system looks like? If the
> settings are not correct, you can look at this article to reset them...
> http://support.microsoft.com/?kbid=313222 (for XP, but I believe it would
> work on 2000 as well.)
>
>
>
> --
> Colin Nash
> Microsoft MVP
> Windows Printing/Imaging/Hardware
>
> "sabot" <P_Olson_Sr@yahoo.com> wrote in message
> news:2034F17E-2008-45A2-8CE3-C74987C5FE52@microsoft.com...
> > I've noticed that most spyware/adware are always adding registry
> > entries/BHO's/dll's in the same locations time and again. I looked at the
> > permissions on my W2K registry for HKLM,Software\\\CurrentVersion\Run and
> > found Everyone has Full permissions to create keys here (under Advanced
> > settings). Can you not programatically lock (DENY) all these areas with a
> > MACRO button in IE so when you surf you just make it impossible to INSTALL
> > anything there? It would be nice to have the option of just clicking a
> > button
> > on the browser interface that effectively denies registry and programfiles
> > or
> > system32 additions\changes, at least without a clearly worded prompt. Is
> > there such a tool\script available?
> > --
> > "what is the meaning of value in a world of fact"
>
>
>

Quantcast