Hello everyone,
I am facing a problem and would like to ask for advice here.
When I prepare a new application with SW-Columbus,
this application creates a kind of "snapshot" of the registry for me.
This file contains many text parts such as "RegStrings". It happens
again and again that I would like to create a
valid REG file from this file.
How should this effort be assessed? Could I ask for a possible
pattern or a suggested idea for how I could approach this,
so that I can see a possible path?
I would like to thank you in advance for any information and
wish you a very nice evening!
Regards
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002' 'InfPath' 'oem12.inf' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002' 'InfSection' 'gdihook5' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002' 'MatchingDeviceId' 'pci_gdihook5_hwid' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002' 'ProviderName' 'NSL' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings' 'Attach.ToDesktop' '1' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings' 'Device Description' 'PCI GDIHOOK5' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings' 'InstalledDisplayDrivers' 'H#676469686F6F6B35' 'REG_MULTI_SZ' /ADD
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings' 'MirrorDriver' '1' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings' 'VgaCompatible' '0' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}' 'UpperFilters' 'H#6E736B62666C7472' 'REG_MULTI_SZ' /ADD
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\DeviceClasses\{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\##?#ROOT#DISPLAY#0000#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}' 'DeviceInstance' 'ROOT\DISPLAY\0000' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\DeviceClasses\{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\##?#ROOT#DISPLAY#0000#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\#' 'SymbolicLink' '\\?\ROOT#DISPLAY#0000#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\DeviceClasses\{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\##?#ROOT#DISPLAY#0000#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\#\Control' 'Linked' '1' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\DeviceClasses\{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\##?#ROOT#DISPLAY#0000#{5b45201d-f2f2-4f3b-85bb-30ff1f953599}\Control' 'ReferenceCount' '1' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\SafeBoot\Network\client32' '' 'Service' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Session Manager\DOS Devices' 'KEYBOARDCLASS0' '\Device\KeyboardClass0' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Session Manager\DOS Devices' 'POINTERCLASS0' '\Device\PointerClass0' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\0000' 'Attach.ToDesktop' '1' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\0000' 'Device Description' 'PCI GDIHOOK5' 'REG_SZ'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\0000' 'InstalledDisplayDrivers' 'H#676469686F6F6B35' 'REG_MULTI_SZ' /ADD
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\0000' 'MirrorDriver' '1' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\0000' 'VgaCompatible' '0' 'REG_DWORD'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\0000\VolatileSettings' '{5b45201d-f2f2-4f3b-85bb-30ff1f953599}' 'H#5C003F003F005C0052004F004F005400230044004900530050004C00410059002300300030003000300023007B00350062003400350032003000310064002D0066003200660032002D0034006600330062002D0038003500620062002D003300300066006600310066003900350033003500390039007D00' 'REG_BINARY'
Register64 'HKey_Local_Machine' 'SYSTEM\CurrentControlSet\Control\Video\{8568FD2E-9FAE-496B-B65C-0AA5FD4E2FDE}\Video' 'Service' 'gdihook5' 'REG_SZ'
Register64 'HKey_Classes_Root' 'Local Settings\Software\Microsoft\Windows\Shell\BagMRU' 'NodeSlots' 'H#0202020202020202020202020202020202020200020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202' 'REG_BINARY'
Register64 'HKey_Classes_Root' 'Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0' 'MRUListEx' 'H#00000000040000000600000005000000010000000200000003000000FFFFFFFF' 'REG_BINARY'
Register64 'HKey_Classes_Root' 'Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0' 'MRUListEx' 'H#0100000000000000FFFFFFFF' 'REG_BINARY'
Register64 'HKey_Users' '.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections' 'DefaultConnectionSettings' 'H#460000000B000000090000000000000000000000000000000400000000000000905A3CAE8ADDCF0100000000000000000000000001000000020000000A29871F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' 'REG_BINARY'
Register64 'HKey_Users' '.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections' 'SavedLegacySettings' 'H#460000000C000000090000000000000000000000000000000400000000000000905A3CAE8ADDCF0100000000000000000000000001000000020000000A29871F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000' 'REG_BINARY'
Register64 'HKey_Users' '.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{F584DEDC-87C7-4EC9-97EE-29BCCE997028}' 'WpadDecisionTime' 'H#B04A830E6EE1CF01' 'REG_BINARY'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-105' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-106' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-107' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-108' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-116' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-117' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SampleRes.dll,-118' '{nil}' 'REG_SZ'
Register64 'HKey_Current_User' 'Software\Classes\Local Settings\MuiCache\3B\52C64B7E' '@C:\Windows\system32\SnippingTool.exe,-15051' '{nil}' 'REG_SZ'
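
One way to approach the conversion asked about above, as an added example that is not part of the original post and not code from the Columbus vendor: a small Python parser that turns `Register64` lines into `.reg` (version 5.00) text. The function names are hypothetical, and the reading of the format (`H#` as hex-encoded bytes, `{nil}` as an empty string, decimal `REG_DWORD`, `/ADD` ignored) is an assumption inferred from the sample lines only.

```python
import re

# Assumptions inferred from the sample lines in the post, not from vendor docs:
# 'H#..' is hex-encoded bytes, REG_MULTI_SZ payloads are single-byte text with
# NUL-separated entries, '{nil}' is an empty string, REG_DWORD is decimal,
# the trailing /ADD flag is ignored, and fields never contain a single quote.
HIVES = {"hkey_local_machine": "HKEY_LOCAL_MACHINE", "hkey_users": "HKEY_USERS",
         "hkey_classes_root": "HKEY_CLASSES_ROOT", "hkey_current_user": "HKEY_CURRENT_USER"}
FIELD = re.compile(r"'([^']*)'")

def esc(s):  # .reg string syntax escapes backslashes and double quotes
    return s.replace("\\", "\\\\").replace('"', '\\"')

def payload(value):
    if not value.startswith("H#"):
        raise ValueError("expected an H# payload, got: " + value)
    return bytes.fromhex(value[2:])

def hexlist(data):
    return ",".join("%02x" % b for b in data)

def render(value, kind):
    if kind == "REG_SZ":
        return '"%s"' % esc("" if value == "{nil}" else value)
    if kind == "REG_DWORD":
        return "dword:%08x" % int(value)
    if kind == "REG_BINARY":
        return "hex:" + hexlist(payload(value))
    if kind == "REG_MULTI_SZ":
        # .reg stores multi-strings as UTF-16LE: NUL after each entry, NUL at end.
        parts = [p for p in payload(value).decode("latin-1").split("\0") if p]
        wide = "".join(p + "\0" for p in parts) + "\0"
        return "hex(7):" + hexlist(wide.encode("utf-16-le"))
    raise ValueError("unsupported type: " + kind)

def to_reg(lines):
    out, current = ["Windows Registry Editor Version 5.00"], None
    for line in lines:
        f = FIELD.findall(line)
        if not line.startswith("Register64 ") or len(f) not in (2, 5):
            continue  # not a snapshot entry this sketch understands
        key = "[%s\\%s]" % (HIVES[f[0].lower()], f[1])
        if key != current:  # open a new section only when the key changes
            out += ["", key]
            current = key
        if len(f) == 5:  # two-field lines only create the key
            name = "@" if f[2] == "" else '"%s"' % esc(f[2])
            out.append("%s=%s" % (name, render(f[3], f[4])))
    return "\r\n".join(out) + "\r\n"
```

Write the returned text with `open(path, "w", encoding="utf-16", newline="")` so the file carries the byte-order mark regedit expects for version 5.00 files. Review the result before importing it: the snapshot above also captured per-user entries (MuiCache, BagMRU, Internet Settings) that are unlikely to belong to the application being packaged.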