Submitter
SUPPORT TOPIC File Information
- Submitted: Feb 04 2017 11:37 PM
- Last Updated: Feb 19 2017 04:31 PM
- File Size: 14.24KB
- Views: 6787
- Downloads: 1106
Download NativeReg 0.4
0
A native app is an app that will be launched as soon as the kernel initialization is completed.
It will be launched (in user mode) by the session manager (smss.exe) thru the registry key HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\BootExecute (run at every boot) or HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\setupexecute (run once only).
A native app can only use NT API functions (ntdll.dll) and not the Windows API functions.
Possible usages :
nativereg createkey \Registry\Machine\SYSTEM\Setup key1
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test0 8 REG_RND_SZ
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test1 toto REG_SZ
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test2 112233AABBCC REG_BINARY
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test3 666 REG_DWORD
nativereg deletevalue \Registry\Machine\SYSTEM\Setup\key1 test1
nativereg deletekey \Registry\Machine\SYSTEM\Setup\key1
The tool is 32 bits (a 64 bits may come later).
It works on XP and up.
Discussion here.
Regards,
Erwan
It will be launched (in user mode) by the session manager (smss.exe) thru the registry key HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\BootExecute (run at every boot) or HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\setupexecute (run once only).
A native app can only use NT API functions (ntdll.dll) and not the Windows API functions.
Possible usages :
nativereg createkey \Registry\Machine\SYSTEM\Setup key1
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test0 8 REG_RND_SZ
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test1 toto REG_SZ
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test2 112233AABBCC REG_BINARY
nativereg createvalue \Registry\Machine\SYSTEM\Setup\key1 test3 666 REG_DWORD
nativereg deletevalue \Registry\Machine\SYSTEM\Setup\key1 test1
nativereg deletekey \Registry\Machine\SYSTEM\Setup\key1
The tool is 32 bits (a 64 bits may come later).
It works on XP and up.
Discussion here.
Regards,
Erwan
- 430 Total Files
- 13 Total Categories
- 92 Total Authors
- 6875001 Total Downloads
- Rufus Latest File
- Akeo Latest Submitter
152 user(s) are online (in the past 3000 minutes)
0 members, 152 guests, 0 anonymous users