Using the regini.exe command to modify the registry

Time: 2020-11-23

1、 How to get regini.exe
On the Windows XP installation CD (try other versions yourself), find the file regini.ex_ and extract regini.exe from it with the expand.exe command, as follows:
%SystemRoot%\System32\EXPAND.EXE "\\?\CDROM0\I386\regini.ex_" "C:\regini.exe"
Then copy regini.exe from the C: drive to wherever you need it.
Advice: do not download regini.exe from untrusted sites.
2、 Simple examples
First open regedit.exe so that you can watch the changes at each step. Copy the following contents into Notepad, save them as example01.txt and example02.txt, and then run the following commands:
REGINI.EXE example01.txt
REGINI.EXE example02.txt
:::::::: example01.txt :::::::: don't copy me, I'm the start divider ::::::::
HKEY_CURRENT_USER\example0
HKEY_CURRENT_USER\example0
"example1" = REG_DWORD 1
HKEY_CURRENT_USER\example0
"example2" = REG_SZ "This is an example!"
HKEY_CURRENT_USER\example0
"example3" = REG_MULTI_SZ "This is the first line!" "This is the second line!" "This is the third line!"
HKEY_CURRENT_USER\example0
"example4" = REG_EXPAND_SZ "This is an example! This is an example! This is an example! This is an example! This is an example!"
:::::::: example01.txt :::::::: don't copy me, I'm the end divider ::::::::
:::::::: example02.txt :::::::: don't copy me, I'm the start divider ::::::::
HKEY_CURRENT_USER\example0 [2 8 19]
:::::::: example02.txt :::::::: don't copy me, I'm the end divider ::::::::
Now modify the first script and run it again:
REGINI.EXE example01.txt
Nothing happens, so the permission change seems to have worked: the key has become read-only!
3、 Permission code table
1 – administrators full access
2 – administrators read access
3 – administrators read, write access
4 – administrators read, write, delete access
5 – creator full access
6 – creator read and write access
7 – everyone full access
8 – everyone read access
9 – everyone read and write access
10 – everyone read, write, delete access
11 – power users full access
12 – power users read, write access
13 – power users read, write, delete access
14 – system operators full access
15 – system operators read, write access
16 – system operators read, write, delete access
17 – system full access
18 – system read and write access
19 – system read access
20 – administrators read, write, execute access
21 – interactive user full access
22 – interactive user read and write access
23 – interactive user read, write, delete access
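The following Python script is an added example, not part of the original article: it reads a regini script, decodes each bracketed code list with the table above, and notes keys that end up read-only or writable by Everyone. The function names and the second sample line (an autostart key) are assumptions made for illustration.

```python
import re

# Codes from the permission table above: principal -> {code: rights}.
# F = full, R = read, W = write, D = delete, X = execute.
TABLE = {
    "Administrators": {1: "F", 2: "R", 3: "RW", 4: "RWD", 20: "RWX"},
    "Creator": {5: "F", 6: "RW"},
    "Everyone": {7: "F", 8: "R", 9: "RW", 10: "RWD"},
    "Power Users": {11: "F", 12: "RW", 13: "RWD"},
    "System Operators": {14: "F", 15: "RW", 16: "RWD"},
    "System": {17: "F", 18: "RW", 19: "R"},
    "Interactive User": {21: "F", 22: "RW", 23: "RWD"},
}
CODES = {c: (who, r) for who, m in TABLE.items() for c, r in m.items()}
# A key line ending in "[n n n]"; value lines contain '=' and never match.
ACL_LINE = re.compile(r"^\s*(?P<key>[^\[\]=]+?)\s*\[(?P<codes>[\d\s]*)\]\s*$")


def parse_acls(script):
    """Return {key path: [codes]} for every 'KEY [n n n]' line in a regini script."""
    acls = {}
    for line in script.splitlines():
        m = ACL_LINE.match(line)
        if m:
            acls[m["key"]] = [int(c) for c in m["codes"].split()]
    return acls


def audit(script):
    """Decode each ACL and collect the grants a reviewer should question."""
    report = {}
    for key, codes in parse_acls(script).items():
        grants = [CODES[c] for c in codes if c in CODES]
        notes = [f"unknown code {c}" for c in codes if c not in CODES]
        if not any(set(r) & set("FW") for _, r in grants):
            notes.append("read-only: no listed principal can write")
        notes += [f"{who} can write" for who, r in grants
                  if who in ("Everyone", "Interactive User") and set(r) & set("FW")]
        report[key] = {"grants": grants, "notes": notes}
    return report


# Constructed sample: example02.txt from above plus a hypothetical autostart-key line.
SAMPLE = r"""
HKEY_CURRENT_USER\example0 [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [1 7 17]
"example1" = REG_DWORD 1
"""

if __name__ == "__main__":
    for key, info in audit(SAMPLE).items():
        print(key, info["grants"], info["notes"])
```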
4、 Where to use it
After installing the system and anti-virus software, delete some service keys and modify the permissions of some autostart keys and file association keys. But then again, since we can modify the permissions this easily, a virus can just as easily change them back. The countermeasure is to move the regini.exe file elsewhere and then use registry monitoring software.
Rename the registry monitoring software, and preferably pack it with a shell (not to guard against anti-virus software, but to guard against malicious termination by a virus). Then add it as a service, so that an alarm is raised as soon as anything is modified.