Politicas de restriccion
_________________________________________________________________________________
Disable ADM
CLASS MACHINE
CATEGORY !!category
CATEGORY !!categoryname
POLICY !!policynameusb
KEYNAME "SYSTEM\CurrentControlSet\Services\USBSTOR"
EXPLAIN !!explaintextusb
PART !!labeltextusb DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 3 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
POLICY !!policynamecd
KEYNAME "SYSTEM\CurrentControlSet\Services\Cdrom"
EXPLAIN !!explaintextcd
PART !!labeltextcd DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 1 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
POLICY !!policynameflpy
KEYNAME "SYSTEM\CurrentControlSet\Services\Flpydisk"
EXPLAIN !!explaintextflpy
PART !!labeltextflpy DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 3 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
POLICY !!policynamels120
KEYNAME "SYSTEM\CurrentControlSet\Services\Sfloppy"
EXPLAIN !!explaintextls120
PART !!labeltextls120 DROPDOWNLIST REQUIRED
VALUENAME "Start"
ITEMLIST
NAME !!Disabled VALUE NUMERIC 3 DEFAULT
NAME !!Enabled VALUE NUMERIC 4
END ITEMLIST
END PART
END POLICY
END CATEGORY
END CATEGORY
[strings]
category="Custom Policy Settings"
categoryname="Restrict Drives"
policynameusb="Disable USB"
policynamecd="Disable CD-ROM"
policynameflpy="Disable Floppy"
policynamels120="Disable High Capacity Floppy"
explaintextusb="Disables the computers USB ports by disabling the usbstor.sys driver"
explaintextcd="Disables the computers CD-ROM Drive by disabling the cdrom.sys driver"
explaintextflpy="Disables the computers Floppy Drive by disabling the flpydisk.sys driver"
explaintextls120="Disables the computers High Capacity Floppy Drive by disabling the sfloppy.sys driver"
labeltextusb="Disable USB Ports"
labeltextcd="Disable CD-ROM Drive"
labeltextflpy="Disable Floppy Drive"
labeltextls120="Disable High Capacity Floppy Drive"
Enabled="Enabled"
Disabled="Disabled" ____________________________________________________________________________________________________________________
Disable AutoRun Unidades
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
______________________________________________________________________________________________________________________
Disable Autorun Unds HKU
Windows Registry Editor Version 5.00
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
_________________________________________________________________________________________________________________________
Disable Autorun Unds HKU5
Windows Registry Editor Version 5.00
[HKEY_USERS\S-1-5-21-57989841-1364589140-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
___________________________________________________________________________________________________________________________
Disable Autorun Unds HKUsLM
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
___________________________________________________________________________________________________________________________
Disable CMD
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
"DisableCMD"=dword:00000002
___________________________________________________________________________________________________________________________
Disable Floppy
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Flpydisk]
"ErrorControl"=dword:00000000
"Group"="Primary disk"
"Start"=dword:00000001
"Tag"=dword:00000002
"Type"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Flpydisk\Enum]
"Count"=dword:00000000
"NextInstance"=dword:00000000
"INITSTARTFAILED"=dword:00000001
___________________________________________________________________________________________________________________________
Disable Floppy y CD US Remoto
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=dword:00000001
"DefaultDomainName"="SISTEMASPROG"
"DefaultUserName"="AnalistaProgramador"
"LegalNoticeCaption"=""
"LegalNoticeText"=""
"PowerdownAfterShutdown"="0"
"ReportBootOk"="1"
"Shell"="Explorer.exe"
"ShutdownWithoutLogon"="0"
"System"=""
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\""
"SfcQuota"=dword:ffffffff
"allocatecdroms"="0"
"allocatedasd"="0"
"allocatefloppies"="0"
"cachedlogonscount"="10"
"forceunlocklogon"=dword:00000000
"passwordexpirywarning"=dword:0000000e
"scremoveoption"="0"
"AllowMultipleTSSessions"=dword:00000001
"UIHost"=hex(2):6c,00,6f,00,67,00,6f,00,6e,00,75,00,69,00,2e,00,65,00,78,00,65,\
00,00,00
"LogonType"=dword:00000001
"Background"="0 0 0"
"DebugServerCommand"="no"
"SFCDisable"=dword:00000000
"WinStationsDisabled"="0"
"HibernationPreviouslyEnabled"=dword:00000001
"ShowLogonOptions"=dword:00000000
"AltDefaultUserName"="AnalistaProgramador"
"AltDefaultDomainName"="SISTEMASPROG"
"SfcScan"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}]
@="Inalámbrico"
"ProcessGroupPolicy"="ProcessWIRELESSPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}]
@="Folder Redirection"
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"DllName"=hex(2):66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,00,6c,00,\
6c,00,00,00
"NoMachinePolicy"=dword:00000001
"NoSlowLink"=dword:00000001
"PerUserLocalSettings"=dword:00000001
"NoGPOListChanges"=dword:00000000
"NoBackgroundPolicy"=dword:00000000
"GenerateGroupPolicy"="GenerateGroupPolicy"
"EventSources"=hex(7):28,00,46,00,6f,00,6c,00,64,00,65,00,72,00,20,00,52,00,65,\
00,64,00,69,00,72,00,65,00,63,00,74,00,69,00,6f,00,6e,00,2c,00,41,00,70,00,\
70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,29,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
@="Cuota de discos de Microsoft"
"NoMachinePolicy"=dword:00000000
"NoUserPolicy"=dword:00000001
"NoSlowLink"=dword:00000001
"NoBackgroundPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"PerUserLocalSettings"=dword:00000000
"RequiresSuccessfulRegistry"=dword:00000001
"EnableAsynchronousProcessing"=dword:00000000
"DllName"=hex(2):64,00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,\
6c,00,6c,00,00,00
"ProcessGroupPolicy"="ProcessGroupPolicy"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
@="Programador de paquetes QoS"
"ProcessGroupPolicy"="ProcessPSCHEDPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}]
@="Secuencias de comandos"
"ProcessGroupPolicy"="ProcessScriptsGroupPolicy"
"ProcessGroupPolicyEx"="ProcessScriptsGroupPolicyEx"
"GenerateGroupPolicy"="GenerateScriptsGroupPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoSlowLink"=dword:00000001
"NoGPOListChanges"=dword:00000001
"NotifyLinkTransition"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}]
@="Internet Explorer Zonemapping"
"DllName"=hex(2):69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,00,64,00,\
6c,00,6c,00,00,00
"ProcessGroupPolicy"="ProcessGroupPolicyForZoneMap"
"NoGPOListChanges"=dword:00000001
"RequiresSucessfulRegistry"=dword:00000001
"DisplayName"=hex(2):40,00,69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,35,00,31,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
"ProcessGroupPolicy"="SceProcessSecurityPolicyGPO"
"GenerateGroupPolicy"="SceGenerateGroupPolicy"
"ExtensionRsopPlanningDebugLevel"=dword:00000001
"ProcessGroupPolicyEx"="SceProcessSecurityPolicyGPOEx"
"ExtensionDebugLevel"=dword:00000001
"DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\
00,00
@="Security"
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"EnableAsynchronousProcessing"=dword:00000001
"MaxNoGPOListChangesInterval"=dword:000003c0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"GenerateGroupPolicy"="GenerateGroupPolicy"
"ProcessGroupPolicy"="ProcessGroupPolicy"
"DllName"="iedkcs32.dll"
@="Internet Explorer Branding"
"NoSlowLink"=dword:00000001
"NoBackgroundPolicy"=dword:00000000
"NoGPOListChanges"=dword:00000001
"NoMachinePolicy"=dword:00000001
"DisplayName"=hex(2):40,00,69,00,65,00,64,00,6b,00,63,00,73,00,33,00,32,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,33,00,30,00,31,00,34,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
"ProcessGroupPolicy"="SceProcessEFSRecoveryGPO"
"DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\
00,00
@="EFS recovery"
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{C631DF4C-088F-4156-B058-4375F0853CD8}]
@="Microsoft Offline Files"
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,63,\
00,73,00,63,00,75,00,69,00,2e,00,64,00,6c,00,6c,00,00,00
"EnableAsynchronousProcessing"=dword:00000000
"NoBackgroundPolicy"=dword:00000000
"NoGPOListChanges"=dword:00000000
"NoMachinePolicy"=dword:00000000
"NoSlowLink"=dword:00000000
"NoUserPolicy"=dword:00000001
"PerUserLocalSettings"=dword:00000000
"ProcessGroupPolicy"="ProcessGroupPolicy"
"RequiresSuccessfulRegistry"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
@="Instalación de software"
"DllName"=hex(2):61,00,70,00,70,00,6d,00,67,00,6d,00,74,00,73,00,2e,00,64,00,\
6c,00,6c,00,00,00
"ProcessGroupPolicyEx"="ProcessGroupPolicyObjectsEx"
"GenerateGroupPolicy"="GenerateGroupPolicy"
"NoBackgroundPolicy"=dword:00000000
"RequiresSucessfulRegistry"=dword:00000000
"NoSlowLink"=dword:00000001
"PerUserLocalSettings"=dword:00000001
"EventSources"=hex(7):28,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,\
00,6f,00,6e,00,20,00,4d,00,61,00,6e,00,61,00,67,00,65,00,6d,00,65,00,6e,00,\
74,00,2c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,\
00,29,00,00,00,28,00,4d,00,73,00,69,00,49,00,6e,00,73,00,74,00,61,00,6c,00,\
6c,00,65,00,72,00,2c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,\
00,6f,00,6e,00,29,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
@="Seguridad IP"
"ProcessGroupPolicy"="ProcessIPSECPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
@=""
"DLLName"="igfxdev.dll"
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000001
"Unlock"="WinlogonUnlockEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
"Asynchronous"=dword:00000000
"DllName"=hex(2):4c,00,4d,00,49,00,69,00,6e,00,69,00,74,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Impersonate"=dword:00000000
"Lock"="WLEventLock"
"Logoff"="WLEventLogoff"
"Logon"="WLEventLogon"
"Shutdown"="WLEventShutdown"
"StartScreenSaver"="WLEventStartScreenSaver"
"StartShell"="WLEventStartShell"
"Startup"="WLEventStartup"
"StopScreenSaver"="WLEventStopScreenSaver"
"Unlock"="WLEventUnlock"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
"Asistente de ayuda"=dword:00000000
"TsInternetUser"=dword:00000000
"SQLAgentCmdExec"=dword:00000000
"NetShowServices"=dword:00000000
"HelpAssistant"=dword:00000000
"IWAM_"=dword:00010000
"IUSR_"=dword:00010000
"VUSR_"=dword:00010000
________________________________________________________________________________________________________________________
Disable Regedit
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000002
_________________________________________________________________________________________________________________________
Disable Unidades Accesos Regedit CMD
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Flpydisk]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbstor]
"Start"=dword:00000004
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"allocatecdroms"="1"
"allocatefloppies"="1"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"NoViewOnDrive"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"NoViewOnDrive"=dword:00000003
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"NoViewOnDrive"=dword:00000003
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000002
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
"DisableCMD"=dword:00000002
______________________________________________________________________________________________________________________
Disable USB
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbstor]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"DisplayName"="Dispositivo de almacenamiento masivo de datos USB"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\
00,52,00,2e,00,53,00,59,00,53,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbstor\Enum]
"0"="USB\\Vid_04cf&Pid_8818\\100"
"Count"=dword:00000003
"NextInstance"=dword:00000003
"1"="USB\\Vid_0644&Pid_0200\\000005076A72"
"2"="USB\\Vid_13fe&Pid_1a00\\5B770F87DCF3"
_______________________________________________________________________________________________________________________
Enable unds Accesos Regedit CMD
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"Start"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Flpydisk]
"Start"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbstor]
"Start"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"allocatecdroms"="0"
"allocatefloppies"="0"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoViewOnDrive"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoViewOnDrive"=dword:00000000
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoViewOnDrive"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
"DisableCMD"=dword:00000000
___________________________________________________________________________________________________________________
No Acceder Unds
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoViewOnDrive"=dword:0000000f
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoViewOnDrive"=dword:0000000f
___________________________________________________________________________________________________________________
NO acceder a UndsCU
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoViewOnDrive"=dword:00000003
____________________________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
HABILITAR ACCESO REMOTO
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fAllowToGetHelp"=dword:00000001
"FirstCountMsgQPeeksSleepBadApp"=dword:0000000f
"Modems With Bad DSR"=hex(7):4d,00,75,00,6c,00,74,00,69,00,54,00,65,00,63,00,\
68,00,20,00,4d,00,75,00,6c,00,74,00,69,00,4d,00,6f,00,64,00,65,00,6d,00,20,\
00,4d,00,54,00,32,00,38,00,33,00,34,00,00,00,4d,00,75,00,6c,00,74,00,69,00,\
54,00,65,00,63,00,68,00,20,00,4d,00,75,00,6c,00,74,00,69,00,4d,00,6f,00,64,\
00,65,00,6d,00,20,00,4d,00,54,00,32,00,38,00,33,00,34,00,5a,00,44,00,58,00,\
00,00,4d,00,75,00,6c,00,74,00,69,00,54,00,65,00,63,00,68,00,20,00,4d,00,54,\
00,32,00,38,00,33,00,34,00,00,00,4d,00,75,00,6c,00,74,00,69,00,54,00,65,00,\
63,00,68,00,20,00,4d,00,54,00,32,00,38,00,33,00,34,00,5a,00,44,00,58,00,00,\
00,4d,00,75,00,6c,00,74,00,69,00,54,00,65,00,63,00,68,00,20,00,32,00,38,00,\
33,00,34,00,00,00,4d,00,75,00,6c,00,74,00,69,00,54,00,65,00,63,00,68,00,20,\
00,32,00,38,00,33,00,34,00,5a,00,44,00,58,00,00,00,00,00
"MsgQBadAppSleepTimeInMillisec"=dword:00000001
"NthCountMsgQPeeksSleepBadApp"=dword:00000005
"fWritableTSCCPermTab"=dword:00000000
"DeleteTempDirsOnExit"=dword:00000000
"PerSessionTempDir"=dword:00000000
"fDenyTSConnections"=dword:00000000
"ProductVersion"="5.1"
"TSAdvertise"=dword:00000000
"IdleWinStationPoolCount"=dword:00000000
"TSAppCompat"=dword:00000000
"TSEnabled"=dword:00000001
"TSUserEnabled"=dword:00000000
"fEnableSalem"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns\Clip Redirector]
"Name"="RDPClip"
"Type"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns\Sound Redirector]
"Name"="RDPSound"
"Type"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns\Terminal Server Redirector]
"Name"="\\Device\\RdpDr"
"Type"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AuthorizedApplications]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration]
"Callback"=dword:00000000
"CallbackNumber"=""
"Domain"=""
"InitialProgram"=""
"KeyboardLayout"=dword:00000000
"MaxConnectionTime"=dword:00000000
"MaxDisconnectionTime"=dword:00000000
"MaxIdleTime"=dword:00000000
"NWLogonServer"=""
"Password"=""
"Shadow"=dword:00000001
"UserName"=""
"WorkDirectory"=""
"fInheritAutoLogon"=dword:00000001
"fInheritCallback"=dword:00000000
"fInheritCallbackNumber"=dword:00000000
"fInheritInitialProgram"=dword:00000001
"fInheritMaxDisconnectionTime"=dword:00000000
"fInheritMaxIdleTime"=dword:00000000
"fInheritMaxSessionTime"=dword:00000000
"fInheritReconnectSame"=dword:00000000
"fInheritResetBroken"=dword:00000000
"fInheritShadow"=dword:00000000
"fLogonDisabled"=dword:00000000
"fPromptForPassword"=dword:00000000
"fReconnectSame"=dword:00000000
"fResetBroken"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Dos]
"KbdIdleBusymsAllowed"=dword:0000003c
"KbdIdleDetectAbsolute"=dword:00000001
"KbdIdleDetectProbationCount"=dword:00000050
"KbdIdleInProbationCount"=dword:00000023
"KbdIdlemsAllowed"=dword:00000000
"KbdIdlemsGoodProbationEnd"=dword:000009c4
"KbdIdlemsProbationTrial"=dword:000009c4
"KbdIdlemsSleep"=dword:00000064
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\InputDevices]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping\JPN]
"00000000"="kbd101.dll"
"00000001"="kbdax2.dll"
"00000002"="kbd106.dll"
"00000003"="kbdibm02.dll"
"00010D01"="kbdnec95.dll"
"000000000017"="kbdlk41a.dll"
"000000020015"="kbdnecAT.dll"
"000000020017"="kbdlk41j.dll"
"00000D01"="kbdnecNT.dll"
"00000D04"="kbdnecNT.dll"
"00010002"="kbd106n.dll"
"00010D04"="kbdnec95.dll"
"00020002"="f3ahvoas.dll"
"00020D01"="kbdnecAT.dll"
"00020D04"="kbdnecAT.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping\KOR]
"00000003"="kbd101a.dll"
"00000004"="kbd101b.dll"
"00000005"="kbd101c.dll"
"00000006"="kbd103.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Licensing Core]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SysProcs]
"csrss.exe"=dword:00000000
"smss.exe"=dword:00000000
"screg.exe"=dword:00000000
"lsass.exe"=dword:00000000
"spoolss.exe"=dword:00000000
"EventLog.exe"=dword:00000000
"netdde.exe"=dword:00000000
"clipsrv.exe"=dword:00000000
"lmsvcs.exe"=dword:00000000
"MsgSvc.exe"=dword:00000000
"winlogon.exe"=dword:00000000
"NETSTRS.EXE"=dword:00000000
"nddeagnt.exe"=dword:00000000
"os2srv.exe"=dword:00000000
"wfshell.exe"=dword:00000000
"win.com"=dword:00000000
"rdpclip.exe"=dword:00000000
"conime.exe"=dword:00000000
"proquota.exe"=dword:00000000
"imepadsv.exe"=dword:00000000
"ctfmon.exe"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Utilities]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Utilities\change]
"logon"=hex(7):30,00,00,00,31,00,00,00,4c,00,4f,00,47,00,4f,00,4e,00,00,00,63,\
00,68,00,67,00,6c,00,6f,00,67,00,6f,00,6e,00,2e,00,65,00,78,00,65,00,00,00,\
00,00
"port"=hex(7):30,00,00,00,31,00,00,00,50,00,4f,00,52,00,54,00,00,00,63,00,68,\
00,67,00,70,00,6f,00,72,00,74,00,2e,00,65,00,78,00,65,00,00,00,00,00
"user"=hex(7):30,00,00,00,31,00,00,00,55,00,53,00,45,00,52,00,00,00,63,00,68,\
00,67,00,75,00,73,00,72,00,2e,00,65,00,78,00,65,00,00,00,00,00
"winsta"=hex(7):31,00,00,00,31,00,00,00,57,00,49,00,4e,00,53,00,54,00,41,00,00,\
00,63,00,68,00,67,00,6c,00,6f,00,67,00,6f,00,6e,00,2e,00,65,00,78,00,65,00,\
00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Utilities\query]
"appserver"=hex(7):30,00,00,00,32,00,00,00,54,00,45,00,52,00,4d,00,53,00,45,00,\
52,00,56,00,45,00,52,00,00,00,71,00,61,00,70,00,70,00,73,00,72,00,76,00,2e,\
00,65,00,78,00,65,00,00,00,00,00
"process"=hex(7):30,00,00,00,31,00,00,00,50,00,52,00,4f,00,43,00,45,00,53,00,\
53,00,00,00,71,00,70,00,72,00,6f,00,63,00,65,00,73,00,73,00,2e,00,65,00,78,\
00,65,00,00,00,00,00
"session"=hex(7):30,00,00,00,31,00,00,00,53,00,45,00,53,00,53,00,49,00,4f,00,\
4e,00,00,00,71,00,77,00,69,00,6e,00,73,00,74,00,61,00,2e,00,65,00,78,00,65,\
00,00,00,00,00
"user"=hex(7):30,00,00,00,31,00,00,00,55,00,53,00,45,00,52,00,00,00,71,00,75,\
00,73,00,65,00,72,00,2e,00,65,00,78,00,65,00,00,00,00,00
"winsta"=hex(7):31,00,00,00,31,00,00,00,57,00,49,00,4e,00,53,00,54,00,41,00,00,\
00,71,00,77,00,69,00,6e,00,73,00,74,00,61,00,2e,00,65,00,78,00,65,00,00,00,\
00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Utilities\reset]
"session"=hex(7):30,00,00,00,31,00,00,00,53,00,45,00,53,00,53,00,49,00,4f,00,\
4e,00,00,00,72,00,77,00,69,00,6e,00,73,00,74,00,61,00,2e,00,65,00,78,00,65,\
00,00,00,00,00
"winsta"=hex(7):31,00,00,00,31,00,00,00,57,00,49,00,4e,00,53,00,54,00,41,00,00,\
00,72,00,77,00,69,00,6e,00,73,00,74,00,61,00,2e,00,65,00,78,00,65,00,00,00,\
00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO\disc]
"VgaCompatible"="\\Device\\Video0"
"\\Device\\Video0"="\\REGISTRY\\Machine\\System\\CurrentControlSet\\Services\\TSDDD\\Device0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO\rdpdd]
"VgaCompatible"="\\Device\\Video0"
"\\Device\\Video0"="\\REGISTRY\\Machine\\System\\CurrentControlSet\\Services\\RDPDD\\Device0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd]
"BaudRate"=dword:0000e100
"ByteSize"=dword:00000008
"CfgDll"="RDPCFGEX.DLL"
"ConnectType"=dword:00000001
"ColorDepth"=dword:00000001
"DeviceName"=""
"FlowHardwareRx"=dword:00000001
"FlowHardwareTx"=dword:00000001
"FlowType"=dword:00000001
"InputBufferLength"=dword:00000800
"MinEncryptionLevel"=dword:00000002
"Parity"=dword:00000000
"StartupPrograms"="rdpclip"
"StopBits"=dword:00000000
"WdDLL"="rdpwd"
"WdFlag"=dword:00000036
"WdName"="Microsoft RDP 5.1"
"WdPrefix"="RDP"
"WsxDLL"="rdpwsx"
"XoffChar"=dword:00000013
"XonChar"=dword:00000011
"fAutoClientDrives"=dword:00000001
"fAutoClientLpts"=dword:00000001
"fDisableCcm"=dword:00000000
"fDisableCdm"=dword:00000000
"fDisableClip"=dword:00000000
"fDisableCpm"=dword:00000000
"fDisableEncryption"=dword:00000001
"fDisableLPT"=dword:00000000
"fEnableBreakDisconnect"=dword:00000000
"fEnableDTR"=dword:00000001
"fEnableDsrSensitivity"=dword:00000000
"fEnableRTS"=dword:00000001
"fFlowSoftwareRx"=dword:00000001
"fFlowSoftwareTx"=dword:00000001
"fForceClientLptDef"=dword:00000001
"fInheritAutoClient"=dword:00000001
"fDisableCam"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp]
"InteractiveDelay"=dword:0000000a
"OutBufCount"=dword:00000006
"OutBufDelay"=dword:00000064
"OutBufLength"=dword:00000212
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"PdName"="tcp"
"PortNumber"=dword:00000d3d
"ServiceName"="tcpip"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations]
"DefaultSecurity"=hex:01,00,14,80,ac,00,00,00,b8,00,00,00,00,00,00,00,14,00,00,\
00,02,00,98,00,06,00,00,00,00,00,24,00,bf,03,0f,00,01,05,00,00,00,00,00,05,\
15,00,00,00,2f,d5,ec,6d,1c,09,b0,09,43,17,0a,32,e8,03,00,00,00,00,18,00,bf,\
03,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,bf,03,\
0f,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,a1,01,00,00,01,02,00,\
00,00,00,00,05,20,00,00,00,2b,02,00,00,00,00,14,00,81,00,00,00,01,01,00,00,\
00,00,00,05,13,00,00,00,00,00,14,00,81,00,00,00,01,01,00,00,00,00,00,05,14,\
00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,\
00,00
"ConsoleSecurity"=hex:01,00,14,80,ac,00,00,00,b8,00,00,00,00,00,00,00,14,00,00,\
00,02,00,98,00,06,00,00,00,00,00,24,00,bf,03,0f,00,01,05,00,00,00,00,00,05,\
15,00,00,00,2f,d5,ec,6d,1c,09,b0,09,43,17,0a,32,e8,03,00,00,00,00,18,00,bf,\
03,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,bf,03,\
0f,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,a1,01,00,00,01,02,00,\
00,00,00,00,05,20,00,00,00,2b,02,00,00,00,00,14,00,81,00,00,00,01,01,00,00,\
00,00,00,05,13,00,00,00,00,00,14,00,81,00,00,00,01,01,00,00,00,00,00,05,14,\
00,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,\
00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\Console]
"MinEncryptionLevel"=dword:00000000
"Callback"=dword:00000000
"CallbackNumber"=""
"Comment"="System Console"
"Domain"=""
"InitialProgram"=""
"InputBufferLength"=dword:00000000
"KeyboardLayout"=dword:00000000
"KeyboardName"="\\REGISTRY\\Machine\\System\\CurrentControlSet\\Services\\Kbdclass"
"MaxConnectionTime"=dword:00000000
"MaxDisconnectionTime"=dword:00000000
"MaxIdleTime"=dword:00000000
"MouseName"="\\REGISTRY\\Machine\\System\\CurrentControlSet\\Services\\Mouclass"
"OutBufCount"=dword:00000000
"OutBufDelay"=dword:00000000
"OutBufLength"=dword:00000000
"Password"=""
"PdClass"=dword:00000001
"PdDll"=""
"PdFlag"=dword:0000001e
"PdName"="console"
"UserName"=""
"WdDll"="wdcon"
"WdFlag"=dword:00000024
"WdName"="Console"
"WorkDirectory"=""
"fInheritAutoLogon"=dword:00000000
"fInheritCallback"=dword:00000000
"fInheritCallbackNumber"=dword:00000000
"fInheritInitialProgram"=dword:00000000
"fInheritMaxDisconnectionTime"=dword:00000000
"fInheritMaxIdleTime"=dword:00000000
"fInheritMaxSessionTime"=dword:00000000
"fInheritReconnectSame"=dword:00000000
"fInheritResetBroken"=dword:00000000
"fInheritShadow"=dword:00000000
"fLogonDisabled"=dword:00000000
"fPromptForPassword"=dword:00000001
"fReconnectSame"=dword:00000000
"fResetBroken"=dword:00000000
"fUseDefaultGina"=dword:00000000
"Shadow"=dword:00000001
"TraceClass"=dword:10000009
"TraceDebugger"=dword:00000001
"TraceEnable"=dword:0000000c
"fEnableWinStation"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\Console\RDP]
"CdClass"=dword:00000000
"CdDLL"=""
"CdFlag"=dword:00000000
"CdName"=""
"CfgDll"="RDPCFGEX.DLL"
"InteractiveDelay"=dword:00000032
"OutBufDelay"=dword:00000064
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"PdName"="tcp"
"WdDLL"="rdpwd"
"WdFlag"=dword:00000034
"WdName"="Microsoft RDP 5.1"
"WdPrefix"="RDP"
"WsxDLL"="rdpwsx"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"CfgDll"="RDPCFGEX.DLL"
"fEnableWinStation"=dword:00000001
"MaxInstanceCount"=dword:ffffffff
"PdName"="tcp"
"PdClass"=dword:00000002
"PdDLL"="tdtcp"
"PdFlag"=dword:0000004e
"OutBufLength"=dword:00000212
"OutBufCount"=dword:00000006
"OutBufDelay"=dword:00000064
"InteractiveDelay"=dword:00000032
"PortNumber"=dword:00000d3d
"KeepAliveTimeout"=dword:00000000
"LanAdapter"=dword:00000000
"WdName"="Microsoft RDP 5.1"
"WdDLL"="rdpwd"
"WsxDLL"="rdpwsx"
"WdFlag"=dword:00000036
"InputBufferLength"=dword:00000800
"CdClass"=dword:00000000
"CdName"=""
"CdDLL"=""
"CdFlag"=dword:00000000
"Comment"=""
"fInheritAutoLogon"=dword:00000001
"fInheritResetBroken"=dword:00000001
"fInheritReconnectSame"=dword:00000001
"fInheritInitialProgram"=dword:00000001
"fInheritCallback"=dword:00000000
"fInheritCallbackNumber"=dword:00000001
"fInheritShadow"=dword:00000001
"fInheritMaxSessionTime"=dword:00000001
"fInheritMaxDisconnectionTime"=dword:00000001
"fInheritMaxIdleTime"=dword:00000001
"fInheritAutoClient"=dword:00000001
"fInheritSecurity"=dword:00000000
"fInheritColorDepth"=dword:00000000
"fPromptForPassword"=dword:00000000
"fResetBroken"=dword:00000000
"fReconnectSame"=dword:00000000
"fLogonDisabled"=dword:00000000
"fAutoClientDrives"=dword:00000001
"fAutoClientLpts"=dword:00000001
"fForceClientLptDef"=dword:00000001
"fDisableEncryption"=dword:00000001
"fHomeDirectoryMapRoot"=dword:00000000
"fUseDefaultGina"=dword:00000000
"fDisableCpm"=dword:00000000
"fDisableCdm"=dword:00000000
"fDisableCcm"=dword:00000000
"fDisableLPT"=dword:00000000
"fDisableClip"=dword:00000000
"fDisableExe"=dword:00000000
"fDisableCam"=dword:00000000
"Username"=""
"Domain"=""
"Password"=""
"WorkDirectory"=""
"InitialProgram"=""
"CallbackNumber"=""
"Callback"=dword:00000000
"Shadow"=dword:00000001
"MaxConnectionTime"=dword:00000000
"MaxDisconnectionTime"=dword:00000000
"MaxIdleTime"=dword:00000000
"KeyboardLayout"=dword:00000000
"MinEncryptionLevel"=dword:00000002
"NWLogonServer"=""
"WFProfilePath"=""
"WdPrefix"="RDP"
"TraceEnable"=dword:00000000
"TraceDebugger"=dword:00000000
"TraceClass"=dword:00000000
"ColorDepth"=dword:00000003
______________________________________________________________________________________________________
___________________________________________________________________________________________________________________
DESABILITAR AUTO RUN UNIDADES CD/DVD
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"DependOnGroup"=hex(7):53,00,43,00,53,00,49,00,20,00,6d,00,69,00,6e,00,69,00,\
70,00,6f,00,72,00,74,00,00,00,00,00
"ErrorControl"=dword:00000001
"Group"="SCSI CDROM Class"
"Start"=dword:00000001
"Tag"=dword:00000002
"Type"=dword:00000001
"DisplayName"="Controlador de CD-ROM"
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,63,00,64,00,72,00,6f,00,6d,00,2e,\
00,73,00,79,00,73,00,00,00
"AutoRun"=dword:00000000
"AutoRunAlwaysDisable"=hex(7):4e,00,45,00,43,00,20,00,20,00,20,00,20,00,20,00,\
4d,00,42,00,52,00,2d,00,37,00,20,00,20,00,20,00,00,00,4e,00,45,00,43,00,20,\
00,20,00,20,00,20,00,20,00,4d,00,42,00,52,00,2d,00,37,00,2e,00,34,00,20,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,48,00,41,00,4e,\
00,47,00,52,00,20,00,44,00,52,00,4d,00,2d,00,31,00,38,00,30,00,34,00,58,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,44,00,52,00,4d,00,2d,00,36,00,33,00,32,00,34,00,58,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,44,00,52,00,4d,00,2d,00,36,00,32,00,34,00,58,00,20,00,\
00,00,54,00,4f,00,52,00,69,00,53,00,41,00,4e,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,43,00,44,00,52,00,5f,00,43,00,33,00,36,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum]
"0"="IDE\\CdRomHL-DT-ST_DVDRAM_GSA-H44N________________RB01____\\3130303030303030303030303030303030303130"
"Count"=dword:00000002
"NextInstance"=dword:00000002
"1"="IDE\\CdRomAXV_CD/DVD-ROM__________________________2.2a____\\3031303030303030303030303030303030303130"
_________________________________________________________________________________________
____________________________________________________________________________________________________
DESABILITAR DISPOSITIVOS USB
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Type"=dword:00000001
"Start"=dword:00000004
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\
00,52,00,2e,00,53,00,59,00,53,00,00,00
"DisplayName"="Dispositivo de almacenamiento masivo de datos USB"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
__________________________________________________________________
Atentamente:
Franklin Campo