Jump to content

regedit + regedt32

mitsukai

By mitsukai
in nLite

 Share

Recommended Posts


johnhc

johnhc

Posted
Posted

mitsukai,

I am running XP x64, so I have even more of these (32 and 64 bit versions). In both cases Regedt32 is small (5k or 7.5K) and Regedit is larger (144k or 219k). I suspect that the smaller ones are used to set conditions and call the larger ones. I also suspect many, many programs use one or the other routines to get their work done. If you remove any one or both I suspect will result in lots of programs (especially installers) to fail. If you are running under a virtual system, give it a try. It would be interesting to know what happens. I should also point out that Regedt32 is also in the DLL cache and probably protected by SFC/WFP, which can be turned off in nLite.

Enjoy, John.

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

For the record, and probably unneeded, the "dependencies" of regedit appear to be a bit complex and I guess that most Registry editing programs use the same ones.

In this seemingly unrelated thread, you will find a list of the actual dependencies:

http://www.boot-land.net/forums/index.php?showtopic=3717

and an almost (but not fully) working "native" Registry Editor that needs none of them.

jaclaz

Link to comment
Share on other sites
mitsukai

mitsukai

Posted
  • Author
Posted (edited)

ok i want to do the same thing that is done there.

basicly make a windows that has no "software" in it. remove all components in nlite. and after that remove all left over by hand... regedit... all the commandline tools. even mmc and the CPL bits... basicly anything that is possible to be deleted...

I also have a copy of windows embeded 2009 i took minlogon from there and i integrated this in the nlite install, but at first boot it goes wrong.

But im also pretty sure that alot of features of winlogon can be removed through the registry keys.

please pm me your msn... its easier to ask for help, if you arnet to busy..

ok these guys seem todo it diffrent.

what i am gonna try is, make my vmware use one of my partitions as a virtual hard drive, install a xp with all componennts remove. then i will shut down the vm and then remove all files made in my partition. Then i will add file by file, and go from there. The only problem i am facing is i need a tool to edit the registry files in system32/config.

I am also a programmer so i can make replacements for tools which have no dependencies!

If i can do this i will be able to make a very lite capable xp..

any help is welcome please pm me yahoo/msn..

Edited by mitsukai
Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

Well, I have NO msn/yahoo anything. :blink:

What is the problem opening a thread here or (better for this particular topic) on boot-land?

You can also try using this app for OFFLINE Registry editing:

http://www.boot-land.net/forums/index.php?showtopic=4684

Why don't you join the XPCLI project? :unsure:

The idea is starting from the LEAST possible configuration and ADD things, INSTEAD of REMOVING a bunch of things, then remove some more, then remove some more....and get to the point where cross-dependencies makes everything a mess.

This way the build is "modular" and if each "item" is complete of all dependencies, each item will be "self-standing" and addable or not.

jaclaz

Link to comment
Share on other sites
mitsukai

mitsukai

Posted
  • Author
Posted

> Board Offline

The board backup is being performed. We will be back online once it is complete.

anyway... im going todo it file by file, key by key.

i will use a diffrent shell(blackbox for now) and minlogon from my XPe.

you are completly right about the "modular" thing, But in my case i want to make replacements of almost evrything(maybe not in the beginning, start with notepad, a simple explorer etc.)

I think i will be looking into C with assembly (look here http://www.phreedom.org/solar/code/tinype/)

since i will use the NTDLL.DLL which contains almost all the base functions, dependencies of my software will be small and with tinype these programs might only be a few 10's KB.

Maybe i will even end up programming my own wireless configuration service. (i have no idea how im going todo this but i will have to look into r

egistry keys for this and into linux wireless drivers)

But for now the most imporant for me is to make the very basic build with blackbox working.

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted
what is the registery key for changing the shell?

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

or if you prefer

SOFTWARE

Microsoft\Windows NT\CurrentVersion\Winlogon

Value "Shell"

and the raw reg program i cannot add a new key ...it jsut does not work

The app is still highly experimental, and the interface is a little different from usual ones.

Just right click on the parent key and choose "Add".

You cannot (yet ;)) add a new value, you can only edit existing values.

jaclaz

Link to comment
Share on other sites
mitsukai

mitsukai

Posted
  • Author
Posted (edited)

right now im building a list of required registry keys and dll's for the basic files (minlogon, lsass.exe, services.exe, blackbox.exe) (i dont know if svchost.exe and run32dll is required for now)

minlogon strings:

01001210: 'PrimaryDnsSuffix',0000h
01001234: 'NV PrimaryDnsSuffix',0000h
01001260: 'Software\Policies\Microsoft\System\DNSclient',0000h
010012BC: 'Domain',0000h
010012CC: 'NV Domain',0000h
010012E0: 'Hostname',0000h
010012F4: 'NV Hostname',0000h
01001310: 'System\CurrentControlSet\Services\Tcpip\Parameters',0000h
01001378: 'SAS window class',0000h
0100139C: 'SAS window',0000h
010013C8: 'Skew1',0000h
010013E0: 'System\CurrentControlSet\Control\Lsa',0000h
0100142C: 'SecurityService',0000h
0100144C: 'UuidSequenceNumber',0000h
01001474: 'Software\Microsoft\Rpc',0000h
010014A4: 'SecureBoot',0000h
010014F8: 'Winsta0\Default',0000h
01001518: 'LsaStart',0000h
0100152C: 'ServiceControllerStart',0000h
0100155C: 'Config',0000h
0100156C: 'Userinit',0000h
01001580: 'Shell',0000h
0100158C: 'SetupType',0000h
010015A0: 'FactoryPreInstallInProgress',0000h
010015D8: 'SystemSetupInProgress',0000h
01001604: 'CmdLine',0000h
01001614: 'cmd.exe',0000h   
01001628: '%SystemRoot%\system32\lsass.exe',0000h
01001668: '%SystemRoot%\system32\services.exe',0000h
010016B0: 'System\Setup',0000h
010016D0: 'Software\Microsoft\Windows NT\CurrentVersion\Winlogon',0000h
0100173C: ' -setup',0000h
0100174C: ' -nolsa',0000h
0100175C: 'Default',0000h
0100176C: 'Winlogon',0000h
01001780: 'WinSta0',0000h
01001790: 'USERPROFILE',0000h
010017A8: 'COMPUTERNAME',0000h
010017C4: 'InitShutdown',0000h
010017E0: '\INSTALLATION_SECURITY_HOLD',0000h
01001818: '\SAM_SERVICE_STARTED',0000h
01001844: 'shsvcs.dll',0000h
0100185C: 'RpcSs',0000h
01001868: 'SamSs',0000h
01001874: '\Security\WxApiPort',0000h
01001A6C: 'eventlog',0000h
01001A80: '\Registry\Machine\System\CurrentControlSet\Control\SecurePipeServers\',0000h
01001B0C: 'ncacn_np',0000h
01001B20: '\PIPE\',0000h

-setup and -nolsa seems to be command lines?

i think minlogon can be made so it does not execute lsass.exe

Edited by mitsukai
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...