Fully agree, I did not knew them as well, have learned 'bout the Win Defender "hack" via internet only, tooIf you are happy, it means that maybe you do not need them.
Me 2. The only registry tweak I dare to apply.
Do you use security reg tweaks?
- Thread starter Andy Ful
- Start date
- Status
- Sep 26, 2014
- 2,973
I was doing some registry tweaks in my system some years ago.
Sometimes i messed up the system so after a while i stopped doing it.
Nowadays even if i am tempted i am not proceeding.
Maybe if i get a second pc but who knows
Sometimes i messed up the system
so after a while i stopped doing it.Nowadays even if i am tempted i am not proceeding
.Maybe if i get a second pc but who knows
- Aug 31, 2016
- 578
No need for the majority of these tweaks, just use Voodooshield
- Sep 22, 2014
- 1,767
- Sep 22, 2014
- 1,767
After enabling it with GPE go back to regedit and check the value in the key.
- Sep 22, 2014
- 1,767
Hahahah
But the good part of this is that now you know how to do it for the future If you want to know how to do more tweaks with the registry without using GPE (e.g. on Home versions of Windows 10) you can make new policies/changes and work with RegShot to detect the changes made to the registry when adding the changes.
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
You found out this by yourself, so I was late. Every reg tweak I put in my post is exported from the Registry. So, it can be imported via regedit.exe . For example create the file UntrustedFontBlocking.reg in the notepad and copy the text between asterisks:
**********
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions]
"MitigationOptions_FontBocking"="1000000000000"
**********
then import the UntrustedFontBlocking.reg in regedit.exe (Menu-File-Import) .
- Sep 22, 2014
- 1,767
I'm testing this on virtual machine.
On my main PC i use SRP tweak with Basic user from this thread - CLICK
On my main PC i use SRP tweak with Basic user from this thread - CLICK
- Sep 22, 2014
- 1,767
You found out this by yourself, so I was late. Every reg tweak I put in my post is exported from the Registry. So, it can be imported via regedit.exe . For example create the file UntrustedFontBlocking.reg in the notepad and copy the text between asterisks:
**********
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions]
"MitigationOptions_FontBocking"="1000000000000"
**********
then import the UntrustedFontBlocking.reg in regedit.exe (Menu-File-Import) .
Or I can use "Merge"...
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
Here is more detailed info:
- Block untrusted fonts and log events
Registry Hive HKEY_LOCAL_MACHINE
Registry Path SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions
Value Name MitigationOptions_FontBocking
Value Type REG_SZ
Value 1000000000000 - Do not block untrusted fonts
Registry Hive HKEY_LOCAL_MACHINE
Registry Path SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions
Value Name MitigationOptions_FontBocking
Value Type REG_SZ
Value 2000000000000 - Log events without blocking untrusted fonts
Registry Hive HKEY_LOCAL_MACHINE
Registry Path SOFTWARE\Policies\Microsoft\Windows NT\MitigationOptions
Value Name MitigationOptions_FontBocking
Value Type REG_SZ
Value 3000000000000
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
Yes, of course. I nearly forgot the simplest methods ('left double click', 'Enter' or 'right click - merge') because I use Software Restriction Policies. With SRP all above methods do not work, when the reg file is outside whitelisted folders.
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
It is time to sum up the thread.
Nearly 50% users do not use reg tweaks. There are several reasons for that:
* The detailed information about reg tweaks is not widely known.
* Many users do not know how to apply tweaks safely.
* Restricted code execution can cause issues when running some programs.
* Learning and adopting some good safety rules may be the better way to system security.
* Tweaks are not needed when using good security software (Emsisoft, Kaspersky, ..., AppGuard, NVT ERP, etc.).
* After some time, it is hard to find out which tweaks are actually applied.
* They are not convenient for people that often use scripts.
Why some people use reg tweaks?
* Experienced users can overcome difficulties listed above.
* Windows built-in security is the best for system compatibility/stability.
* Many people use computers only for basic tasks, utilize Windows Store Applications, and do not install many desktop programs (Windows 8+).
* The reg tweaks listed in this thread, when applied safely, do not mess up the system, and significantly harden its security.
Nearly 50% users do not use reg tweaks. There are several reasons for that:
* The detailed information about reg tweaks is not widely known.
* Many users do not know how to apply tweaks safely.
* Restricted code execution can cause issues when running some programs.
* Learning and adopting some good safety rules may be the better way to system security.
* Tweaks are not needed when using good security software (Emsisoft, Kaspersky, ..., AppGuard, NVT ERP, etc.).
* After some time, it is hard to find out which tweaks are actually applied.
* They are not convenient for people that often use scripts.
Why some people use reg tweaks?
* Experienced users can overcome difficulties listed above.
* Windows built-in security is the best for system compatibility/stability.
* Many people use computers only for basic tasks, utilize Windows Store Applications, and do not install many desktop programs (Windows 8+).
* The reg tweaks listed in this thread, when applied safely, do not mess up the system, and significantly harden its security.
Nice work!
I noticed you joined in 2014, but I didn't see your posts until recently (sadly), and I also you are also a developer: Run by Smartscreen utility - keep up the great work!
I do not know if you are familiar with the documented stuff regarding the Native API and the such, but if you ever do get into it/need to use it and need help, let me know in a PM and I'll be happy to help you on using functions like NtTerminateProcess and the such.
Keep up the great work, IMO you are a Trusted Member (in my mind at least) even without the badge and a valued member on the community
Last edited by a moderator:
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
Just speaking the truthThanks for your kind words.
I hope you stay here for at least another 5 years, I've noticed you've been making lots of useful posts lately and just wanted to show my gratitude
Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,484
I've noticed you've been making lots of useful posts, too. Keep it that way.
Thank youI've noticed you've been making lots of useful posts, too. Keep it that way.
But in reality I do not post as much as I used too (on old account - @kram7750, made some ok posts on rootkits and the such... not the best though haha) due to some personal reasons so I just chill with music and do my programming/reverse engineering work haha. But your posts are very nice and educated, I like them some other great members would be all the staff + @DardiM + @tim one (sorry if I didn't mention you here, everyone pretty much makes great posts, I end up spamming the Like button on every post I see) This community is great and really friendly IMO, I doubt there's a better one out there
- Status
