Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 291
  • Last Modified:

Remove items in Startmenu by editing windows-register

Hi!
We are trying to setup a secure computer to ensure that a user doesn't destroy something in the system.
But I don't know how I can remove items in the programfolder in the Startmenu. I need to remove "cmd.exe" and "Win NT Explorer".
Does anyone know what key/value to set in the register?

/Micke
0
mickehallgren
Asked:
mickehallgren
  • 4
  • 3
  • 2
  • +1
1 Solution
 
sramesh2kCommented:
The shortcut will be available in the following location. Delete it.

C:\Documents and Settings\All Users\Start Menu\Programs
and
C:\Documents and Settings\<UserNAME>\Start Menu\Programs

substitute <username> with a valid username.

0
 
sramesh2kCommented:
C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
0
 
sramesh2kCommented:
C:\Documents and Settings\<Username>\Start Menu\Programs
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
mickehallgrenAuthor Commented:
I don't wan't to change the profile of a user. I wan't to do the changes in the windows-registry.

The reason why I want to do this is to complicated to write about here.

/M
0
 
PaulBobbyCommented:
Then you're talking about setting Policy.

You didn't mention which flavour of windows you're running, Policy settings for NT and 2000, talking about running group edit for XP... so let us know.

If you're serious about locking down a PC and turning it in to something of a kiosk (running only a few applications), then that is a separate problem but one that even Microsoft has documented the procedure for. Norton and others even make products that can lock your PC down.

If you're worried about the end-user buggering up the computer, it requires a solution greater than just removing cmd.exe and windows NT explorer.

Users download all sorts of stuff, you can run 'things' from the browser location line if you've disabled start->run, etc etc.... tons of other ways.

I suggest you define "ensure that a user doesn't destroy something in the system".... 'cause that could mean covering the computer in a waterproof casing in the event the user spills coffee on to it :)
0
 
mickehallgrenAuthor Commented:
I'm using WinNT 4.0.

I don't wan't to do a permanent change in the system. I'm using a cryptocard to get access to the windows-login. In the cryptocard there is info about what kind of user it is. Later during the login I set up the environment by editing the windows-registry. And depending on usertype I want to hide items in startmenu.

This is the only thing left to do a "usersafe" computer... All other stuff is closed down. The only thing a user can do is to start notepad.exe or our own developed program.
0
 
oBdACommented:
That can be accomplished with a system policy. Redirect the default start menu path to a customized one with only the shortcuts in it you need.
0
 
mickehallgrenAuthor Commented:
Thank's! The reason the answer is "Average" is that you could've told me which keys in registry to edit. Anyway, here is my solution:

void SetUserDeskTop(int ValueData)
{
  HKEY  StartRegKeyHandle;
  WCHAR StartRegKeyPath[]             = L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\User Shell Folders";
  WCHAR StartMenuData[80];
  WCHAR StartMenuProgramData[80];

...
...

  if(ValueData==SAFEMODE)
  {
    NoDriveTypeAutoRunValueData=95;
    wcscpy(StartMenuData,L"c:\\program\\gina\\Start Menu");
    wcscpy(StartMenuProgramData,L"c:\\program\\gina\\Start Menu\\Programs");
  }
  else if(ValueData==OPENMODE)
  {
    NoDriveTypeAutoRunValueData=0;
    wcscpy(StartMenuData,L"%USERPROFILE%\\Start Menu");
    wcscpy(StartMenuProgramData,L"%USERPROFILE%\\Start Menu\\Programs");
  }

  // ----------------Open key and assign a new path for the Start menu----------------
  RegCreateKey( HKEY_CURRENT_USER,
              StartRegKeyPath,
              &StartRegKeyHandle );
  wcscpy(ValueName,L"Start Menu");  
  RegSetValueEx(StartRegKeyHandle,ValueName, 0, REG_EXPAND_SZ, (PBYTE)&StartMenuData, sizeof(StartMenuData) );

  wcscpy(ValueName,L"Programs");  
  RegSetValueEx(StartRegKeyHandle,ValueName, 0, REG_EXPAND_SZ, (PBYTE)&StartMenuProgramData, sizeof(StartMenuProgramData) );

  RegCloseKey(StartRegKeyHandle);

...
...

}
0
 
oBdACommented:
The answer would have just been a question away ...
When I suggested the system policy, I was at home and didn't have the .adm file at hand to extract the key, and then I thought "Oh well, he's going to ask if he really needs it ..."
May I ask anyway why you manipulate the registry directly instead of using an already existing system policy?
0
 
mickehallgrenAuthor Commented:
We have developed an own gina.dll so we have full controll of the loginbehaviour. To the computer we have connected a smartcardreader for extended loginprotection. So every user have their own logincard and we need to change the user-rights depending on what kind of smartcard the user has inserted to the reader.

So the rights are changed by editing the registry in C++ when a user is logged on.

Hope you understand, my english is not so good...
/Micke
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now