Disabling Admin Shares in Windows Desktop

 

Admin Shares are those shares that are created automatically by Windows OS. When you open Computer Management, expand Shared Folders, and click on Shares you will see a lot of shares with share names ending in “$”. These are all admin shares. We can disable all the admin shares except IPC$ using the following method

 
Goto HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters

Create the following key or change its value

KeyName: AutoShareWks

Type: REG_DWORD

Value: 0 (Decimal)

 

 

Now open Run. Type “services.msc”. In the appeared “Services” window restart the service named “Server”.

 

Now when you open Computer Management, expand Shared Folders, and click on Shares you will see as follows.

Disabling IPv6 in Windows

 

Goto HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters

Create the following key or change its value

KeyName: DisabledComponents

Type: REG_DWORD

Value: 255 (Decimal)

Windows Registry location for Start-up Items

Login to Windows as administrator user. Now type “regedit” in the Run window. Press enter. This will bring the Registry Editor application.
Expand to the following key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
As shown in the screen shot below the key will list the items that will start on logging to windows.You can delete the unwanted entries from the right pane [Please take a backup of registry before dealing with it]

Also you can check one more key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
This key belongs to that of the current user. From this key also you can delete unwanted entries.
This key is for user specific startup setting while the first one is for machine specific startup setting. The entries under the first one will affect all the users of the system, while the entries under this key will affect only the current user. In our case this is the administrator user of the system

Mapped network drives in Windows 7 Registry

When we map a network drive persistently in windows 7 an entry relating to the drive is created under the following key in registry:

HKEY_CURRENT_USER\Network

For each drive a key with the name as that of the drive letter is created. For example if you mapped a network drive with letter “W” the key will be “HKEY_CURRENT_USER\Network\W”

The key will contain the following values

 

Value Name	Type	Description	Default Value
Connection Type	REG_DWORD	What is the type of this connection. If it is Drive redirection the value will be 1 and if it is Print redirection value will be 2	1
DeferFlags	REG_DWORD	Whether the drive need to be connected immediately on logon or not. If the mapped drive’s credential is same as that of logged on user or the credentials have been saved the value will be 4. If the username part of the credential is different and password not saved value will be 1.
ProviderName	REG_SZ	What type of network provider is used to connect to the network drive	Microsoft Windows Network
ProviderType	REG_DWORD	What type of Provider is used. For Microsoft LanMan Provider the value will be 0x002000. For other third party vendor provider different numbers will come	0x002000
RemotePath	REG_SZ	UNC path of the share
UserName	REG_SZ	The username used to connect to the share. If current user is used the value will be blank.	(blank)