Jump to content

Disable CMD.exe


rootfixxxer

Recommended Posts

How can i disable the command prompt for all users using the registry?

I know how to do this in the control panel, but i want that the command prompt be disable by default.

And by the way there«s any way to prevent users to run the taskkill?

Link to comment
Share on other sites


Disable cmd prompt:

(HKLM or HKCU)\\Software\\Policies\\Microsoft\\Windows\\System

DisableCMD=DWORD

set to 1 to disable the cmd prompt but allow batch files.

Set to 2 to disable cmd and batch files

Disable Task Manager:

(HKLM or HKCU)\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System

DisableTaskManager=DWORD

Set to 1 to disable

Link to comment
Share on other sites

Ok, i got if, you need only the registry tweak to disable your CMD command & Batch file to run... ok here is it

Open registry typing regedit command in run then goto

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System

create a REG_DWORD file and give "DisableCMD" name

Now: if you want to disable CMD & Batch then give value=1

If you want to disable only CMD but not batch then give value=2

If you want to allow both of them then give the value=0 (default)

I hope it will solve your prob.

Link to comment
Share on other sites

No, i don't think so, if it exist then i don't know..

But you can do 1 think. you can rename cmd.exe found in \windows\system32

If you want then create a batch file to rename that file at startup then no user can run cmd command, if any one need to run then they should re-rename file to cmd.

Link to comment
Share on other sites

Yes, it DOES work. Trust me ;)

I'll make a reg file to do it for you for all users.

If you want to do it for one individual user, it's a bit more complicated. You'll need to load their hive and edit it from there as if it were HKCU.

There is an MS KB article on it. To load that user's hive, open regedit, click on HKEY_USERS, open the file menu, click "Load Hive". No, navigate to that user's folder, usually C:/Documents and Settings/thatusername. Click on NTUSER.DAT and click ok. Name the key whatever; they're username works well. Now navigate to HYEK_USERS\\ThatKey\\Software\\Policies\\Microsoft\\Windows\\System. Right-click and choose New -> DWORD value, then double-click it. Set it to 1 to allow batch files to run, but not the command prompt, or 2 to disable the command prompt and batch files completely. (It's not the other way around, I checked.) Then, MAKE SURE TO UNLOAD THAT HIVE!!! This is CRITICAL, because if you don't, then when they log on, their profile won't be available. That means any restrictions won't be there, and settings at ALL won't be there. It's not a good situation. Just click on that hive, then go File > Unload hive. Yes, you're sure.

Edited by Idontwantspam
Link to comment
Share on other sites

Whoops. It appears that indeed, it doesn't work under HKLM. I tried it just now. Using gpedit.msc to do it, it puts values in every single account under that HKCU, though I don't know how. It must load and then unload all the profiles or something. So, there's no registry way to do it for ALL users. You can however use gpedit, or else do it for each individual user, which is probably better anyway, since you don't want to restrict cmd for yourself. ;)

Link to comment
Share on other sites

Add the subkey cmd.exe to the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

You don't need anything else except the cmd.exe subkey.

NOTE: You must reboot your system before this registry change will work!

Edited by mhc
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...