MSTSC/RDP – How To Clean Up Your History

Update 2012.11.20 – I have posted another article “MSTSC/RDP for the Paranoid – Never Save History The Easy Way!” in this I explain how to prevent mstsc.exe from writing to the registry and never saving your data. SO after you use this post to clean up your history you can use the other method to prevent it from ever being saved again!

If you use Microsoft Terminal Service Connect (MSTSC.exe) to access machines in your network, you will find that after time your history will be saved and gets populate in the drop down list of the program. I personally don’t like leaving a trail showing where I have been! I know people think I am over secure but I don’t want server information sitting around on virtual scraps of paper personally. After some digging I found that this information is being pulled from the registry key “HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\”. I also found out there is all kinds of info under this registry key like printers you used, server names, what user you last connected with, all the kinds of stuff that I just don’t want out there! This is half the battle for a bad guy if they wanted access to my servers. For most people this is just a handy feature to remember servers that you have connected to, for me I don’t need bread crumbs to find my way home I already know how to get there, so why leave them for someone else to follow? To satisfy my security paranoia I found 2 quick and easy ways to solve this problem.

 

  1. Stop the problem before it starts: MSTSC.exe support a public switch “mstsc.exe /public”.  The public switch should be used when you are using a public computer or you do not want any information from this connection stored in the registry of the machine. This is the best way I found to stop this information from being stored on the computer. If you are on someone elses machine just remember to add the /public switch when running the program from the run dialog. This will take care of everything going forward what about everything before you started to do this? Solution 2 will help.
  2. Remove Registry entries: From testing on my Windows 7 x64 machine, I have found that all the information is stored under the registry key “HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\” The best part is that this registry key is created if it is not there already, MSTSC.exe builds this registry key the first time it runs. So because it does this we can delete the entire key and everything under it to wipe our history and it will recreate anything it needs the first run again. Some people might want to use a registry file instead of manually editing the registry so below is the code to do it:

 

If you save the following to a .reg file and run it it will remove the key for you, The – in front of the key path tells it to remove the key.

 

PLEASE MAKE A BACKUP OF YOUR REGISTRY FIRST!!!

 

So by wiping out my history and the continual use of the /public switch has kept my history clean!

 

Signature

© Caspan 2011