Lock Down Run keys in HKEY_USERS


  1. Posts : 6
    Windows 7, Vista, XP
       #1

    Lock Down Run keys in HKEY_USERS


    I would like to lock down the Run keys in the HKEY_USERS hive to prevent malware. I know in Group Policy you can enable "Do Not Process The Legacy Run List" however that also restricts HKLM which is locked down to non-admins and I would still like programs to run from there. Any suggestions on how I can accomplish?

    Thanks!
      My Computer


  2. Posts : 5,642
    Windows 10 Pro (x64)
       #2

    Install an anti-virus suit of software. That is how you prevent malware. Any real nasty malware is not going to be affected by your restricted user startup programs.
      My Computer


  3. Posts : 6
    Windows 7, Vista, XP
    Thread Starter
       #3

    Been using Norton Antivirus but finding it doesn't always disallow malicious software from inserting itself into HKCU. Norton does not always stop everything even with the latest defs.
      My Computer


  4. Posts : 5,092
    Windows 7 32 bit
       #4

    You could try WinPatrol. When it detects a new startup it asks if you wish to allow it. I've used it for years. Although BillP Studios is selling WinPatrol. I believe it's still in a transition state. But if that makes you paranoid you can always download the free version a few releases back.
      My Computer


  5. Posts : 6
    Windows 7, Vista, XP
    Thread Starter
       #5

    Ideally I wanted to avoid utilizing 3rd party software and either utilize Group Policy or a logon script of some sort but I'll certainly take a look. Thanks for the suggestion!
      My Computer


  6. Posts : 5,092
    Windows 7 32 bit
       #6

    The trouble with group policy is it runs as the user who set the policy. I tried using it to prevent IE from being run. During the install of a program IE popped up. Windows installer has a higher security rating than my normal admin account it seems.

    Perhaps some system administrator who runs a domain knows the right way to do it.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:43.
Find Us