-
January 15th, 2004, 06:24 PM
#11
groovicus
groovicus I never said my registry kept track of the date, but I knew the date of the registry alteration in my own reference. I said I was looking for a program that did keep track of chronological alterations/additions.
-
January 15th, 2004, 06:30 PM
#12
Member
How are you searching your reg? What information do you have to go on about the key?
[gloworange]
find /home/$newbie -name *? | www.google.com 2>/dev/null
[/gloworange]
-
January 15th, 2004, 06:36 PM
#13
on December 17, 2003 an alteration/addition was made to my registry
Ok, I think they call that parallelism.... anyway...this isn't grammar class. Good luck with your problem.
-
January 15th, 2004, 06:38 PM
#14
basic methods
I used basic search methods with regedit search for certain key words that I thought might be applicable, but that proved to be a futile search.
The key basically prompted a certain dll file to act a certain way and feed back information to the program to act a certain way which was unoriginal from the initial install.
I don't have much information on the key except a personal knowledge of the date that it was implemented. the key inhibits or prevents certain or normal behavior of the program itself.
-
January 15th, 2004, 06:49 PM
#15
the dll was actually altered
the dll was actually altered by an unknown programmer to bypass the abnormal behavior and allow access to the program by fooling or ignoring the registry key. I have a copy of both dlls, the dll is knowns as dialogs.dll the original one is 54kb and is a normal file, the altered dll is 40 kb and is an altered version which helps bypass the reg key inhibitor.
there's a program called BinaryWork DLL Viewer 1.0.7 which allows you to do a comparisoin view of the dll programming code, but I cannot seem to find a copy of this program any longer. I used to have it and I used to try to run a comparison view of each dll, but that too proved to be futile.
-
January 15th, 2004, 07:14 PM
#16
I went to a certain coffee shop and poured a certain type of coffee into this cup and transfered certain ingredients within and modified the mixture of love and sat down and agreed with Groovicus.
-
January 15th, 2004, 07:51 PM
#17
Member
Re: the dll was actually altered
Originally posted here by isle_of_infamy
the dll was actually altered by an unknown programmer to bypass the abnormal behavior and allow access to the program by fooling or ignoring the registry key. I have a copy of both dlls, the dll is knowns as dialogs.dll the original one is 54kb and is a normal file, the altered dll is 40 kb and is an altered version which helps bypass the reg key inhibitor.
there's a program called BinaryWork DLL Viewer 1.0.7 which allows you to do a comparisoin view of the dll programming code, but I cannot seem to find a copy of this program any longer. I used to have it and I used to try to run a comparison view of each dll, but that too proved to be futile.
Unless its some obsucre CLSID key, you should be able to find it manually, looking in places where the program modified keys, generally hkey/localmachine/software/*app*
I'm having trouble following your train of thought here, but perhaps renaming the dll file the key is modifying will give you an error message that will give you more info??
[gloworange]
find /home/$newbie -name *? | www.google.com 2>/dev/null
[/gloworange]
-
January 15th, 2004, 08:01 PM
#18
yes
yes I'm led to believe it is an obsucre CLSID key, because deleting the software reg keys didn't seem to help.
-
January 15th, 2004, 08:07 PM
#19
more info
well see the program I am speaking about is a chat service that I go to. and the registry key that which is a 3rd party reg key is implemented in order to ban the user from the chat service, but it proved to be more of annoyance than an effective ban of the user. so that's why I wanna find this key so I will know exactly where it is for reference purposes. normally users would have to reformat as indicated in a previous post in this thread, but as i said the altered dll helped me bypass the ban.
The principal matter is that I feel 3rd party alterations to the registry seemingly should be deemed a security breech, and I basically wanted to remove this breech.
-
January 15th, 2004, 09:52 PM
#20
Member
Re: more info
Originally posted here by isle_of_infamy
well see the program I am speaking about is a chat service that I go to. and the registry key that which is a 3rd party reg key is implemented in order to ban the user from the chat service, but it proved to be more of annoyance than an effective ban of the user. so that's why I wanna find this key so I will know exactly where it is for reference purposes. normally users would have to reformat as indicated in a previous post in this thread, but as i said the altered dll helped me bypass the ban.
The principal matter is that I feel 3rd party alterations to the registry seemingly should be deemed a security breech, and I basically wanted to remove this breech.
THen your only recourse is probably removing the software completely, or getting banned from another computer/OS/fresh install and install a monitoring software before hand. BTW windows 2k server cd comes with a handy tool that will take a snap shot before and after of your system and then show you every reg key and file thats been changed or added since that time.
[gloworange]
find /home/$newbie -name *? | www.google.com 2>/dev/null
[/gloworange]
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|