1. How to get
In the Windows XP installation CD (try other versions by yourself), find the regini.ex_ file in the I386 directory and extract it with the command. The command is as follows:
%SystemRoot%\System32\ "\\?\CDROM0\I386\regini.ex_" "C:\"
Then copy the generated file from the C drive to where you need it.
Suggestion: Do not download from untrusted websites.
2. Give a brief example
First open it to watch the changes produced in each step, copy the following content to Notepad, save it as a file, and then use the following command:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
HKEY_CURRENT_USER\example0
HKEY_CURRENT_USER\example0
"example1" = REG_DWORD 1
HKEY_CURRENT_USER\example0
"example2" = REG_SZ "This is an example!"
HKEY_CURRENT_USER\example0
"example3" = REG_MULTI_SZ "This is the first line!" "This is the second line!" "This is the third line!"
HKEY_CURRENT_USER\example0
"example4" = REG_EXPAND_SZ "This is an example! This is an example! This is an example! This is an example! This is an example!"
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
HKEY_CURRENT_USER\example0 [2 8 19]
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Modify the first script and run it again:
There was no response, it seemed that it had worked, and the key value became read-only!
3. Permission Code Table
1 - Administrators Full access
2 - Administrators Read access
3 - Administrators Read, Write access
4 - Administrators Read, write, delete access
5 - Creator Full Access
6 - Creator Read, Write Access
7 - everyone Full access
8 - everyone read access
9 - everyone Read, write access
10 - everyone Read, write, delete access
11 - Power Users Full Access
12 - Power Users Read, Write Access
13 - Power Users Read, Write, Delete Access
14 - System Operators Full Access
15 - System Operators Read, Write Access
16 - System Operators Read, write, delete access
17 - System Full Access
18 - System Read, Write Access
19 - System Read Access
20 - Administrators Read, write, and execute access
21 - Interactive User Full Access
22 - Interactive User Read, Write Access
23 - Interactive User Read, write, delete access
4. Where to use it
After installing the system and antivirus software, delete some service keys, modify some permissions of the self-start keys, file-associated keys, etc. But then again,
Since we can easily modify permissions, we can also modify the virus back. The way to prevent it is to transfer files and then use the registry monitoring software.
Change the name of a certain registry monitoring software, and it is best to add a shell (not anti-virus software, but malicious anti-virus termination), add it to the service, and call the alarm once there is any modification.
In the Windows XP installation CD (try other versions by yourself), find the regini.ex_ file in the I386 directory and extract it with the command. The command is as follows:
%SystemRoot%\System32\ "\\?\CDROM0\I386\regini.ex_" "C:\"
Then copy the generated file from the C drive to where you need it.
Suggestion: Do not download from untrusted websites.
2. Give a brief example
First open it to watch the changes produced in each step, copy the following content to Notepad, save it as a file, and then use the following command:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
HKEY_CURRENT_USER\example0
HKEY_CURRENT_USER\example0
"example1" = REG_DWORD 1
HKEY_CURRENT_USER\example0
"example2" = REG_SZ "This is an example!"
HKEY_CURRENT_USER\example0
"example3" = REG_MULTI_SZ "This is the first line!" "This is the second line!" "This is the third line!"
HKEY_CURRENT_USER\example0
"example4" = REG_EXPAND_SZ "This is an example! This is an example! This is an example! This is an example! This is an example!"
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
HKEY_CURRENT_USER\example0 [2 8 19]
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Modify the first script and run it again:
There was no response, it seemed that it had worked, and the key value became read-only!
3. Permission Code Table
1 - Administrators Full access
2 - Administrators Read access
3 - Administrators Read, Write access
4 - Administrators Read, write, delete access
5 - Creator Full Access
6 - Creator Read, Write Access
7 - everyone Full access
8 - everyone read access
9 - everyone Read, write access
10 - everyone Read, write, delete access
11 - Power Users Full Access
12 - Power Users Read, Write Access
13 - Power Users Read, Write, Delete Access
14 - System Operators Full Access
15 - System Operators Read, Write Access
16 - System Operators Read, write, delete access
17 - System Full Access
18 - System Read, Write Access
19 - System Read Access
20 - Administrators Read, write, and execute access
21 - Interactive User Full Access
22 - Interactive User Read, Write Access
23 - Interactive User Read, write, delete access
4. Where to use it
After installing the system and antivirus software, delete some service keys, modify some permissions of the self-start keys, file-associated keys, etc. But then again,
Since we can easily modify permissions, we can also modify the virus back. The way to prevent it is to transfer files and then use the registry monitoring software.
Change the name of a certain registry monitoring software, and it is best to add a shell (not anti-virus software, but malicious anti-virus termination), add it to the service, and call the alarm once there is any modification.