I'm afraid, my fellow WINanons, this will be the last obscure registry hack of the day (from me, anyway). My pop-in to see how 4chan is doing, for the first time since the hack, has been a rather underwhelming experience (this thread has been about the only highlight) - and since I hardly ever come here anymore anyway, it's obviously come time to draw a line under this place. I bid you anons farewell.
The obscure registry hack of the day is...
>rolls dice
"Enable stricter Windows Authenticode signature verification"
REGEDIT4

; Until late 2013, there's was a flaw in how Windows created and checked
; signatures on signed executables that left some 'wiggle room' to modify
; an executable before Authenticode started screaming that it wasn't properly
; signed. It was considered bad enough that it got its own CVE and everything
; (CVE-2013-3900); Microsoft promptly fixed the bug, and were going to make
; it the default... until they realised just how many improperly-signed-but-
; perfectly-harmless executables there were in circulation, so they chickened
; out and made it optional. It was always considered a smart idea to enable
; these stricter checks however (especially now, when there are far fewer of
; these improperly-signed, pre-2013 executables in the wild), so you'd need a
; pretty good excuse not to enable this nowadays.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Wintrust\Config]
"EnableCertPaddingCheck"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Wintrust\Config]
"EnableCertPaddingCheck"=dword:00000001