Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Want To Instruct My Registry Ii


  • Please log in to reply
10 replies to this topic

#1 73VW1800

73VW1800

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 15 December 2007 - 10:34 PM

Okay, my last post got whisked away to mal/spy/whatever-ware becaue my question peripherally related to a trojan or something.

My question more generally is this:

How do I instruct my registry? I see choices like string value, binary value, DWORD value, etc.
I am new to all of this. I am very aware that banging around in the registry is a dangerous undertaking,
but I want to get proficient nonetheless.

So let's say I inserted this string (binary?) last week in the keyboard section:
00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 3a 00 00 00 00
The "type" listed was REG_BINARY and I found it fascinating as all get out that this killed the caps lock.

I read of an interesting place in the registry where there is a HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations
which, according to my best guess, might allow me to rename a file to "" "" during boot-up before it gets locked-up (as in "in use therefore you cannot access" and I could then get rid of it or modify it as necessary. I need to know how to talk to my registry so I can have this file rename operations feature rename my particular PIA inaccessible file to uselessness.
Can anyone tell me how to write a XP registry key and in what language?
Colin
(I was thinking this might work for any resident trojan or virus type deal that has infected the system but please, do not rush this post off to such repair places, my question is of a different more daily operational nature)

BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,757 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:56 AM

Posted 15 December 2007 - 10:49 PM

If you have an infection I would suggest that you apply conventional methods that have proven to be effective and not try to accomplish this through changes in the registry. As you are aware you can irreparably damage you OS by a single missed keystroke in the registry.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,905 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:07:56 AM

Posted 15 December 2007 - 11:42 PM

I 'whisked' your last post away to the malware section, because you did allude to wanting to work with your registry and how it relates to malware. You did after all say "So I have an infection in my computer,". We do have a protocol for where posts belong. Who better to address that than those that deal with malware. Malware is a very specialized and focused segment of working with the registry. So I put it in front of the most knowledgeable group. Since you have an issue with me putting it in front of the best group. I will now delete that post so that we do not have two identical posts confusing the membership and causing confusion and conflicting suggestions. Good luck with your registry edits.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#4 Eyesee

Eyesee

    Bleepin Teck Shop


  • BC Advisor
  • 3,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:In the middle of Kansas
  • Local time:10:56 AM

Posted 16 December 2007 - 02:18 AM

As anyone here will advise you, the Windows registry is like messing with an engine in a car
DO NOT mess with it unless you are 100% certain of what you are doing!

Editing the registry is NOT for the feint of heart!

FAILURE TO YIELD THIS ADVICE MAY RENDER YOUR SYSTEM INOPERABLE!
In the beginning there was the command line.

#5 4InTheMorning

4InTheMorning

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:56 PM

Posted 16 December 2007 - 05:58 AM

i understand concerns about registry editing as i am concerned for my own pc's registry. that is why myself and 73vw180 are asking for the best sources of information and guidance that will see that we have an undersatanding on the subject. The microsoft home page has only provided my with 1 accurate hit, and that was for port listings, and the intention was to know what was important before i blocked or opened a port, and what service components used them. I looked in the regedit under the services subkey and found there are more services than are displayed in services.msc. As for keystroke errors... well check and check again i suppose is the best advice if you want to be proficient in registry editing, as it is a administrator tool that needs to be mastered.
Oh by the way, remember to Backup.

Edited by 4InTheMorning, 16 December 2007 - 05:58 AM.


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:56 AM

Posted 16 December 2007 - 09:24 AM

The best sources of info on the registry would be the documentation for the respective O/S, I would imagine.

But there are websites that also provide useful info.

How to back up, edit, and restore the registry in Windows XP and Windows Server 2003 - http://support.microsoft.com/kb/322756

http://www.google.com/search?hl=en&q=u...the+XP+registry

Louis

#7 73VW1800

73VW1800
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 16 December 2007 - 12:09 PM

But there are websites that also provide useful info.
Louis


Thank-you Louis, that helped set me off in a direction I would like to pursue.
For those who have reminded me yet again that dorking around in the registry is a dangerous undertaking,
may I remind you yet again that I am aware of the risks. This is a learning adventure where you just have to wade into the thickets and brambles of all that you do not know.

Update on my quest:

I shall somehow learn about, and find out how to, and execute, this simple request of my registry to rename this bad file into oblivion. There is a string that I have to write in the Session Manager/PendingRenameOperations key. Apparently, Windows uses this area to remove and/or update files when they do the transparent Windows Update deal we all have to suffer through. As soon as I learn the proper proper protocol, I will share it with you. This hopefully will work for many files you need to remove that are otherwise declared "in use". . . The best way to determine if it is a standalone bad file, I guess, is to see its initial date stamp. My bad file "cfbken.dll" had a very recent date of 12/07, which happened to be the date that my IE got hijacked to some bogus disc cleaner site warning me that I might be infected. . . ya think?

#8 hamluis

hamluis

    Moderator


  • Moderator
  • 56,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:56 AM

Posted 16 December 2007 - 12:25 PM

Well...good luck on your learning project :thumbsup:.

It's nice to know enough about the registry to feel comfortable executing edits which become necessary/desireable from time to time, but I find that most of the ones that I would play with are well-documented on the Web by sources that deem reliable.

I certainly don't want to ever encourage anyone to go mucking about in the registry in the same manner that some go after files when they drift into "I can delete this" behavior, but some will/do...and I hope they have read all the info concerning backing up the registry and their systems.

Louis

#9 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:07:56 AM

Posted 16 December 2007 - 12:48 PM

http://www.pctools.com/guides/registry/ seems a promising place to look for registry hacks.

The registry is like a thermonuclear reaction. Extremely powerful, exceedingly dangerous, and immensely useful. Try not to blow yourself to smithereens!

#10 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:11:56 AM

Posted 16 December 2007 - 03:53 PM

The 2 best pieces of advice I've ever received about a computer were:

1) Backup your registry before messing with it - that'll save you if you change something you shouldn't
2) Learn to restore your registry from outside of Windows before trying to edit the registry - that way, if Windows won't boot, you can still restore it back and get into your accounts.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#11 CTH_Tom

CTH_Tom

  • Members
  • 295 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 16 December 2007 - 04:50 PM

When I first got W98 I was like you and wanted to learn by trail and error about the OS and in particular the registry.
Go ahead and explore and experiment. Backup anything on the computer files, programs, e-mail addys, etc. that you will need after you have to reinstall XP. :thumbsup:
X




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users