From: za kAT on 10 Apr 2010 15:14

On Sat, 10 Apr 2010 21:27:14 +0200, B. R. 'BeAr' Ederson wrote:

My point being in this case, that if John thinks some 'confidential data'
may have been 'harvested', then data from the previous system could
potentially contain that, not just the registry. If you have thousands of
files, how would you know? For instance you could hide the information in
image files.

--
zakAT(a)pooh.the.cat - www.zakATsKopterChat.com
From: John Corliss on 10 Apr 2010 19:39

za kAT wrote:
> On Sat, 10 Apr 2010 20:01:27 +0200, B. R. 'BeAr' Ederson wrote:
>
>> On Sat, 10 Apr 2010 17:04:32 +0100, za kAT wrote:
>>
>>>> When there are reasons to mistrust a setup, it is better to do a clean
>>>> re-install and just copy the data...
>>>
>>> Assuming 'whatever' isn't hidden in the data...
>>
>> As long as there is no trigger mechanism (trojan, software bug) left
>> or comes new onto the system, one is pretty safe from "whatever" that
>> is hidden in the data... ;-)
>
> John seems concerned about 'whatever' could have been hidden in the
> registry. I can't see hiding 'whatever' in the data, presents a real
> problem either. I'm assuming 'whatever' refers to confidential data, not
> malware.
>
>> Btw., if one wishes to retain a software [freeware, of course ;-) ]
>> archive after a clean install following an (assumed) security breach,
>> the /least/ security measure should be to wait a couple of weeks before
>> running /any/ software from that archive.
>>
>> All archived programs ought to be scanned by at least one trustworthy
>> up-to-date AV program at this point.
>
> Yep, or preferably from a clean backup.
>
>> Again, most people know this. Yet few really follow this path...
>
> I'd say 60-70% of people have evolved inner ear flaps which close whenever
> backups are discussed.

What?

--
John Corliss BS206. I block all Google Groups posts due to Googlespam, and
as many posts from anonymous remailers (like x-privat.org for eg.) as
possible due to forgeries posted through them.

No ad, CD, commercial, cripple, demo, nag, share, spy, time-limited, trial
or web wares OR warez for me, please. Adobe Flash sucks, DivX rules.
From: John Corliss on 10 Apr 2010 19:43

B. R. 'BeAr' Ederson wrote:
> John Corliss wrote:
>
> [Native Registry Editor (NtRegEdit)]
>> I thank Brian for posting it. I downloaded the program and will check
>> it out.
>
> It shows long key and value names as well as string values containing
> 0x00 bytes. Please note, that its function to search for hidden entries
> only lists the 0x00 byte ones, though. The long entries are generally
> valid (not showing them is just an implementation flaw); therefore they
> are not listed as hidden.

Eh... the download is uncompiled code. I wasn't able to find a download
for a ready-to-use version of the program.

--
John Corliss BS206. I block all Google Groups posts due to Googlespam, and
as many posts from anonymous remailers (like x-privat.org for eg.) as
possible due to forgeries posted through them.

No ad, CD, commercial, cripple, demo, nag, share, spy, time-limited, trial
or web wares OR warez for me, please. Adobe Flash sucks, DivX rules.
From: B. R. 'BeAr' Ederson on 10 Apr 2010 21:01

On Sat, 10 Apr 2010 16:43:44 -0700, John Corliss wrote:

>> [Native Registry Editor (NtRegEdit)]
> Eh... the download is uncompiled code. I wasn't able to find a download
> for a ready-to-use version of the program.

http://www.codeproject.com/KB/applications/NtRegEdit.aspx

If you aren't sure which VC libraries you have installed, get the
"all demos" *.zip and try all three compiled versions.

BeAr
--
===========================================================================
= What do you mean with: "Perfection is always an illusion"? =
===============================================================--(Oops!)===
From: Johnw on 10 Apr 2010 20:40

B. R. 'BeAr' Ederson used his keyboard to write :
> On Sat, 10 Apr 2010 16:43:44 -0700, John Corliss wrote:
>
>>> [Native Registry Editor (NtRegEdit)]
>> Eh... the download is uncompiled code. I wasn't able to find a download
>> for a ready-to-use version of the program.
>
> http://www.codeproject.com/KB/applications/NtRegEdit.aspx
>
> If you aren't sure which VC libraries you have installed, get the
> "all demos" *.zip and try all three compiled versions.
>
> BeAr

For those that are wanting to download NtRegEdit & don't want to register
at codeproject, this link downloads NtRegEdit_all_demos.

http://www.softpedia.com/get/Tweak/Registry-Tweak/NtRegEdit.shtml