LOCKUSB.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Type"=dword:00000001
"Start"=dword:00000004
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\
00,52,00,2e,00,53,00,59,00,53,00,00,00
"DisplayName"="USB 大容量存储设备"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
UNLOCL.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\
00,52,00,2e,00,53,00,59,00,53,00,00,00
"DisplayName"="USB 大容量存储设备"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
怎么修改注册表禁用USB口 注意:实际使用中发现路径反斜杠有错误的情况存在,
一.BIOS设置)
重新启动计算机,在启动过程中按键盘上的Delete键,进入BOIS设置界面,选择“Integrated Peripherals”(集成设备)选项,展开后将“USB 1.1 Controller”(USB1.1控制器)和“USB 2.0 Controller”(USB2.0控制器)选项的属性设置为“Disabled”(禁用)。再给BOIS设置上一个密码,这样他人就不能轻易修改BOIS设置了。
缺点:当你想再用USB设备就比较麻烦
二.注册表法
禁止使用USB存储设备的注册表内容如下
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Type"=dword:00000001
"Start"=dword:00000004
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\
00,52,00,2e,00,53,00,59,00,53,00,00,00
"DisplayName"="USB 大容量存储设备"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
在记事本把上面的代码保存成一个名为lockusb.reg的reg文件,然后双击该文件导入注册表就完成了禁止该计算机使用USB存储设备的操作。所有用户都无法用USB存储设备了。
开启USB存储设备使用权限的注册表内容如下:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\
00,52,00,2e,00,53,00,59,00,53,00,00,00
"DisplayName"="USB 大容量存储设备"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\
00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
上面的代码保存成一个以unlockusb.reg后缀的reg文件,双击该文件导入注册表就完成了开启该计算机使用USB存储设备的操作。所有用户都可以使用USB存储设备。
优点:使用方便
缺点:不能防止别人用解锁代码改回注册表,如果需要更安全的性能,可考虑禁用注册表。这里不在讨论。
三.软件法
USB加锁王可以实现这一功能,从驱动级对计算机的USB设备进行控制,安全级别高,可靠性高。
不过这个软件不是免费滴。
四.终结者(必杀技)
把主板上的USB接口撬下来就可以了,呵呵,
推荐使用注册表法
注意:实际使用中发现路径反斜杠有错误的情况存在,
此批处理程序最好在域环境下使用,因为被禁用的用户如果有管理员权限,这种禁用是可以被破的
1、禁用USB批处理:把下死文字保存为.bat文件,就成了禁用USB接口的脚本:
@echo off
COPY %WINDIR%/inf/usbstor.inf %WINDIR%/usbstor.inf
COPY %WINDIR%/inf/usbstor.PNF %WINDIR%/usbstor.PNF
DEL %WINDIR%/inf/usbstor.inf
DEL %WINDIR%/inf/usbstor.PNF
reg add "HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/USBSTOR" /v Start /t reg_dword /d 4 /f
echo on
2、启用USB批处理:把下死文字保存为.bat文件,就成了启用USB接口的脚本
@echo off
COPY %WINDIR%/usbstor.inf %WINDIR%/inf/usbstor.inf
COPY %WINDIR%/usbstor.PNF %WINDIR%/inf/usbstor.PNF
reg add "HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/USBSTOR" /v Start /t reg_dword /d 3 /f
echo on
如果你的所有计算机都有同一个管理员,且密码相同,你还可以用下面的批处理远程检查一下是否禁用成功了
@echo off
for /f "delims=" %%i in (C:/hosts.txt) do net use //%%i/c$ "管理员密码" /user:"管理员用户名" & if errorlevel 1 (
echo %%i false>>C:/false.txt) else (
if exist //%%i/c$/WINDOWS/inf/usbstor.inf (echo %%i false>>C:/false.txt ) else (
echo %%i successed>>C:/successed.txt)
)
echo on
阅读全文
原理:
注册表法(适用于Windows XP/2003)
利用该方法可以锁定电脑上的USB接口,从而达到禁止他人使用闪盘或移动硬盘等可移动存储设备的目的。
在“运行”对话框中输入“regedit”,回车后,打开注册表编辑器,依次展开如下分支[HKEY_LOCAL_MACHINE\SYSTEM\CurrentCntrolSet\Services\USBSTOR],在右侧的窗格中找到名为“Start”的DWORD值,双击,在弹出的编辑对话框中将其数值数据修改为十六位进制数值“4”。点“确定”按钮并关闭注册表编辑器,重新启动计算机,使设置生效。重启后,当有人将USB存储设备连接到计算机时,虽然USB设备上的指示灯在正常闪烁,但在资源管理器当中就是无法找到其盘符,因此也就无法使用USB设备了。
提示:“Start”这个键是USB设备的工作开关,默认设置为“3”表示手动,“2”是表示自动,“4”是表示停用
转载于:https://blog.51cto.com/zqslzr/1968714
扫一扫
5426
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
