Ultimate Boot CD
http://www.ultimatebootcd.com/forums/

Trouble navigating through registry editor.
http://www.ultimatebootcd.com/forums/viewtopic.php?f=3&t=1795
Page 1 of 1

Author:  Tofu777 [ Mon Feb 16, 2009 6:41 am ]
Post subject:  Trouble navigating through registry editor.

Hey guys, I am having the problem explained here

http://www.hmtech.ca/xp-logs-login/

How exactly do I "navigate to the Userinit key"?

Thanks in advance :D

Author:  Icecube [ Mon Feb 16, 2009 8:08 am ]
Post subject: 

Use Offline password and registry editor on UBCD to edit or view the registry.

Author:  Tofu777 [ Mon Feb 16, 2009 8:31 am ]
Post subject: 

Yeah I will get that far but then locating that file is where I get lost

Author:  Icecube [ Mon Feb 16, 2009 8:56 am ]
Post subject: 

Run the registry editor of Offline password and registry editor.
Look at: http://www.governmentsecurity.org/articles/WindowsNTRegistryTutorial.php to see which hive file you need to load.

I your case you need to view HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit, which is located in the %systemroot%\SYSTEM32\CONFIG\SOFTWARE hive file.

I just searched a little bit on the internet to find it :wink: .

Author:  Tofu777 [ Wed Feb 18, 2009 7:22 am ]
Post subject: 

Thank you for your time and patience, this is really confusing for me :) but I'm not exactly sure how to even navigate that far, I pressed enter a few times to get past the first few questions then I press 9 to get to the registry editor, at least I'm guessing that's where I need to be to do all this. Sorry that It's taking me so long to understand all this!

Author:  Icecube [ Wed Feb 18, 2009 9:20 am ]
Post subject: 

Select the right hard drive.
Select which part of the registry to load, ...:
[1]: software

9 Registry editor, now with full write support.
What to do? [1] -> 9

Quote:
> cd Microsoft
\Microsoft> cd Windows NT
\Microsoft\Windows NT> cd CurrentVersion
\Microsoft\Windows NT\CurrentVersion> cd Winlogon
(..)\Windows NT\CurrentVersion\Winlogon> cat Userinit
Value <Userinit> of type REG_SZ, data length 68 [0x44]
C:\WINDOWS\system32\userinit.exe,


If the value of Userinit didn't change, you just have to replace the file 'C:\WINDOWS\system32\userinit.exe' with a virus free copy (recovery console).
If it did change from name
You can type
Code:
ed Userinit

to set the value to:
Code:
C:\WINDOWS\system32\userinit.exe,


Press ? if you need any help for the commands.
ls will display subkeys & values
cat will show the value of a key
ed allows you to edit a value of a key
cd will change the current key (cd .. will bring you back a level higher)

Author:  Tofu777 [ Wed Feb 18, 2009 6:33 pm ]
Post subject: 

Thanks a TON! :D

Page 1 of 1 All times are UTC - 8 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/