Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Creating .reg Files


  • Please log in to reply
3 replies to this topic

#1 Darren De Wilde

Darren De Wilde

  • Members
  • 208 posts
  • OFFLINE
  •  
  • Location:Howell, NJ
  • Local time:07:17 PM

Posted 05 December 2006 - 11:15 PM

Hi all,

When creating a resitry tweak in notepad and clicking on it to deploy the setting, how would the text be for the ShowMenuDelay = 100 under HKCU\DESKTOP\CONTROL PANEL..

I am an advanced enthusiast but there are a few things i dont understand..such as how to invent DWORDS and such that the registry will understand...I hope this question is not too bizzare but I'd like to find out how to turn things on and off..such as EnableBalloons=0 to stop balloon popups on the task bar. I was told to "make this key" from a tweak guide and it got me thinking.."how do you make a key that will work and how do you learn what parts of the registry to add them in" How do malware writers know how to program the registry to make their programs destroy with custom entries???.."

I look forward to the replies and thank you so much for helping me to understand this..I am well aware of the risks and perils of registry tweaking by the way...which is what drives me to learn as much as possible

Thanks for your interests and advice,

Darren :thumbsup:

Edited by Darren De Wilde, 05 December 2006 - 11:18 PM.


BC AdBot (Login to Remove)

 


#2 Darren De Wilde

Darren De Wilde
  • Topic Starter

  • Members
  • 208 posts
  • OFFLINE
  •  
  • Location:Howell, NJ
  • Local time:07:17 PM

Posted 08 December 2006 - 09:50 PM

It certainly seems that this particular question maybe difficult to understand, or the answer is simply too broad to fit into one category. Incase of difficulty understanding the actual question, I can only re-phrase it by asking

how can you invent registry entries or values that can be executed?

Hope this summary will go across a bit better. Thanks for taking an interest and reading this post.

Darren

#3 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:05:17 PM

Posted 09 December 2006 - 08:58 PM

Hmm..you are sort of talking about different aspects of how the registry is used. If you consider that the registry is nothing but a bunch of paramters for various programs, then it becomes a bit simpler to undertand. Yes, the structure is complex, and large, but it is still a warhouse for application parameters. To draw a parallel, the entries in the registry are similar to cookies.

Creating a key for the registry is not difficult. Regedit will enforce keys to fit within specified constraints. You just need to make your program look for the proper key in the registry in order to utilize it. Malware authors can override various keys simply by learning how the various keys are used for various programs, environmental variables, etc.

The tweaks you are talking about are means of overriding default behaviors of various applications. People learn about those by reading the program API's, or reverse engineering programs.

These are sort of vague answers, but the topic of working with the registry is rather broad. There are any number of web pages that can giveyou an introduction to the structure and organization of the registry:
http://www.onecomputerguy.com/app_info/regedit.htm

#4 Darren De Wilde

Darren De Wilde
  • Topic Starter

  • Members
  • 208 posts
  • OFFLINE
  •  
  • Location:Howell, NJ
  • Local time:07:17 PM

Posted 12 December 2006 - 09:46 AM

Groovicus,

Thank you for your detailed insight...at least I have a starting point for my quest to conquer the registry..here's to many many clean re-installs..:-)

Darren




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users