
RegWrite Verbiage Clarification please.

Nunos

I am trying to create a new registry DWORD value that is set to whatever I specify, say 0 or 1. Not sure what I am doing wrong but I have been unable to write the value to the registry.

#RequireAdmin
Opt("TrayAutoPause", 0)
Opt("GUIOnEventMode", 1)
Opt("MustDeclareVars", 1)
Local $sTitle = "MSSE"
Local $OSA = @OSArch, $OSV = @OSVersion, $OSA64 = 0
Local $HKCR, $HKLM, $HKCU, $HKU, $error
;
Switch $OSA
    Case "X86"
        $HKCR = "HKEY_CLASSES_ROOT"
        $HKCU = "HKEY_CURRENT_USER"
        $HKLM = "HKEY_LOCAL_MACHINE"
        $HKU = "HKEY_USERS"
    Case "X64"
        If Not @AutoItX64 Then ExitMsg("64Bit OS Detected. Please use the 64Bit version of this program.")
        $HKCR = "HKEY_CLASSES_ROOT64"
        $HKCU = "HKEY_CURRENT_USER64"
        $HKLM = "HKEY_LOCAL_MACHINE64"
        $HKU = "HKEY_USERS64"
        $OSA64 = 1
    Case Else
        ExitMsg("Not tested on --> " & $OSA)
EndSwitch
Func ExitMsg($str)
    MsgBox(8208, $sTitle, $str & @TAB)
    Exit
EndFunc
If $OSA = "X86" Then
    InetGet("http://download.microsoft.com/download/A/3/8/A38FFBF2-1122-48B4-AF60-E44F6DC28BD8/enus/x86/mseinstall.exe", "MSSE.exe") ;<===== Downloads x86 Version
ElseIf $OSA = "X64" Then
    InetGet("http://download.microsoft.com/download/A/3/8/A38FFBF2-1122-48B4-AF60-E44F6DC28BD8/enus/amd64/mseinstall.exe", "MSSE.exe") ;<===== Downloads x64 Version
EndIf
ShellExecuteWait("MSSE.exe","/s /runwgacheck /o", @ScriptDir,"",@SW_HIDE)
Sleep(5000)
RegWrite($HKLM & "\SOFTWARE\Microsoft\Microsoft Antimalware\Exclusions\","Paths","REG_DWORD","C:\Windows\winsxs\"& "0")

So I guess I don't understand the syntax for how to create the new DWORD and then assign it a value.

Nunos

That does not seem to do it either. So the key C:\Windows\winsxs does not exist; I need to create it and then assign it the DWORD value of 0. But I have been trying for a while to get it to write the key and I have been unable to sort it out. I have #RequireAdmin but I still think it is some sort of permissions issue writing to that key.

Okay after looking at the permissions for that key I found that Admin in fact can not write to that key. I found the link below http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/ff682907-e05a-4224-9aed-51e0709b58a1 but I am not sure that is a good thing to do or not. Any thoughts or workarounds would be greatly appreciated. :oops:

Edited by Nunos

Jos

Just some random questions :oops:

What Windows OS are you testing on?

Are you using the 32 or 64 bit version of Autoit3?

Did you check the Wow6432Node hive when running on a x64 OS?

Jos


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Nunos

I am testing it on Win 7 Professional 32 bit and using a 32 bit version of AutoIT. And I apologize, but I do not know what the last question means, but I have not done anything on a 64Bit system yet; all I have done is check on the above mentioned OS.

Jos

That last bit is only on an x64 system. :oops:

Let's see if I understand what you want to achieve:

Do you want the key value to contain 1 or 0 or do you want the value to be a path?

Reason for asking is that a DWORD is numeric and you use this as parameter: "C:\Windows\winsxs\"& "0"

Jos

Edited by Jos

Nunos

I am trying to add the path and the DWORD value of 0. The path is to tell the AV to not scan a particular path and I will be adding some other exclusions for file extensions and processes. So I would need to be able to add the path or process or file extension and then set the DWORD value to 0 or 1.

http://wpkg.org/MSSecurityEssentials You can see at that link down under the exclusions section what I am attempting to do. I think it must be some sort of a permissions issue but I could be wrong.

Edited by Nunos

Jos

So shouldn't your statement then read either:

$rc = RegWrite($HKLM & "\SOFTWARE\Microsoft\Microsoft Antimalware\Exclusions\Paths","C:\Windows\winsxs","REG_DWORD",0)
or
$rc = RegWrite($HKLM & "\SOFTWARE\Microsoft\Microsoft Antimalware\Exclusions\Paths","C:\Windows\winsxs","REG_DWORD",0)

Jos :oops:

Edited by Jos

Nunos

I tried both and still am not able to add anything to those registry keys. Is it possible that I need to write with like a system account rather than an administrator account? If so any thoughts on how I could do that? I opened the program and added the exclusion and then checked the registry and it was there, then I removed it all and tried with suggestions above and nothing. I tried another script I have that switches the proxy on my laptop for work or home and it was able to write to the registry.

Jos

Just tried the following command which worked fine when running in Admin mode:

$rc = RegWrite("HKLM\SOFTWARE\Microsoft\Microsoft Antimalware\Exclusions\Paths","C:\Windows\winsxs","REG_DWORD",0)
Edited by Jos

Nunos

Weird, I can't create any keys in that branch under the Microsoft Antimalware key. Perhaps I have an issue with my laptop; I will test it on my home PC, it is Vista. Thank you for your help so far. :oops:

Update-

I tested on two other computers and in fact was blocked there as well. As a test I tried to write just the keys without the rest of my script and it worked. So to test further I wrote all of the exclusions I wanted to add to the registry first and then installed Microsoft Security Essentials and it worked. I guess MSSE somehow was protecting that registry key. Anyhow I have what I think will work as a work around. Thank you for your help and getting me going in the "Write" direction.

Sorry couldn't resist the pun.

Sincerely,

Nunos

Edited by Nunos
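
A check that follows from the thread's outcome, as an added example that is not part of any post: this AutoIt script reads back the Exclusions\Paths values after a deployment, reports intended entries that were never written, and lists any exclusion that is not on the intended list. The $aWanted list and the function names _AuditExclusions and _InList are assumptions made for illustration; it also assumes a current AutoIt release, where RegRead reports the value type in @extended.

```autoit
#RequireAdmin
Opt("MustDeclareVars", 1)

; Key from the thread. A 32-bit AutoIt on a 64-bit OS needs "HKLM64" instead.
Local $sKey = "HKLM\SOFTWARE\Microsoft\Microsoft Antimalware\Exclusions\Paths"
; Constructed sample: the exclusions the deployment intended to write.
Local $aWanted[1] = ["C:\Windows\winsxs"]

Local $iProblems = _AuditExclusions($sKey, $aWanted)
ConsoleWrite($iProblems & " problem(s) found" & @CRLF)
Exit $iProblems

Func _AuditExclusions($sKey, $aWanted)
    Local $iProblems = 0, $vData, $iErr, $iType, $sName
    ; Pass 1: each intended value must exist as a DWORD holding 0.
    For $i = 0 To UBound($aWanted) - 1
        $vData = RegRead($sKey, $aWanted[$i])
        $iErr = @error
        $iType = @extended ; registry type of the value, 4 = REG_DWORD
        If $iErr Then
            ConsoleWrite("MISSING     " & $aWanted[$i] & " (RegRead @error " & $iErr & ")" & @CRLF)
            $iProblems += 1
        ElseIf $iType <> 4 Or $vData <> 0 Then
            ConsoleWrite("WRONG DATA  " & $aWanted[$i] & " type=" & $iType & " data=" & $vData & @CRLF)
            $iProblems += 1
        EndIf
    Next
    ; Pass 2: any value name that is not on the intended list is reported.
    Local $n = 1
    While 1
        $sName = RegEnumVal($sKey, $n)
        If @error Then ExitLoop ; no more values, or the key could not be opened
        If Not _InList($sName, $aWanted) Then
            ConsoleWrite("UNEXPECTED  " & $sName & @CRLF)
            $iProblems += 1
        EndIf
        $n += 1
    WEnd
    Return $iProblems
EndFunc

Func _InList($sName, $aList)
    For $i = 0 To UBound($aList) - 1
        If $sName = $aList[$i] Then Return True ; "=" compares case-insensitively
    Next
    Return False
EndFunc
```

Run after the installer finishes, a non-zero exit code shows that a write was blocked or that the key holds an exclusion nobody intended.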
