Solved

VBscript to edit binary registry values

Posted on 2012-04-02
8
1,226 Views
Last Modified: 2012-04-03
I've been given some VBscript code that uses a reg file for input and it works under my account but it will not work for regular users because group policies are in place that prevent users from accessing regedit. Here's the code that I'm speaking of:

Option Explicit
On error resume next
dim objShell

set objShell = CreateObject("Wscript.Shell")

objShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PrivacyAdvanced",1,"REG_DWORD"
objShell.RegWrite "HKCU\Software\Microsoft\Internet Explorer\New Windows\PopupMgr",0,"REG_DWORD"
objShell.Run "regedit /s ""<REG_File_Path>", 1, False

Set objShell = Nothing

WScript.quit

I'm going to have to abandon that line that calls regedit and have VBscript directly edit a couple of binary registry values. Below are the values that need to be edited (taken directly from a .reg file). How can I edit these binary values using the RegWrite method, or is some other means necessary to edit binary values?

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]

"{AEBA21FA-782A-4A90-978D-B72164C80120}"=hex:1a,37,61,59,23,52,35,0c,7a,5f,20,\
  17,2f,1e,1a,19,0e,2b,01,73,13,37,13,12,14,1a,15,2a,4e,2c,08,0d,20,1b,28,18,\
  36,32

"{A8A88C49-5EB2-4990-A1A2-0876022C854F}"=hex:1a,37,61,59,23,52,35,0c,7a,5f,20,\
  17,2f,1e,1a,19,0e,2b,01,73,13,37,13,12,14,1a,15,2a,4e,2c,08,0d,20,1b,28,18,\
  36,32
0
Comment
Question by:mcpp661
8 Comments
 
LVL 6

Expert Comment

by:Raquero
ID: 37798185
Since you mention Group Policy, this is much easier to do using Group Policy Preferences in a GPO.

http://technet.microsoft.com/en-us/library/cc753092.aspx
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=24449


With XP clients you will need the client side extension to use GPP: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=3628

Create and edit the GPO from a 2003 R2 or later server.
0
 
LVL 2

Expert Comment

by:0x4c1d
ID: 37798589
Here is a script i have done for you this should do it

Option Explicit
Dim objShell
Set objShell = CreateObject("WScript.Shell")

'Add StdRegProv support in case of Binary, Multi_SZ values
Dim strComputer, ArrOfValue, oReg
const HKEY_USERS = &H80000003
const HKEY_LOCAL_MACHINE = &H80000002
const HKEY_CURRENT_USER = &H80000001
const HKEY_CLASSES_ROOT = &H80000000
strComputer = "."
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")	'used for Binary, Multi_SZ values
objShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\", ""
ArrOfValue = Array(&H1a,&H37,&H61,&H59,&H23,&H52,&H35,&H0c,&H7a,&H5f,&H20,_	'Building array for handling BINARY Value
&H17,&H2f,&H1e,&H1a,&H19,&H0e,&H2b,&H01,&H73,&H13,&H37,&H13,&H12,&H14,&H1a,&H15,&H2a,&H4e,&H2c,&H08,&H0d,&H20,&H1b,&H28,&H18,_
&H"{A8A88C49-5EB2-4990-A1A2-0876022C854F}"=hex:1a,&H37,&H61,&H59,&H23,&H52,&H35,&H0c,&H7a,&H5f,&H20,_
&H17,&H2f,&H1e,&H1a,&H19,&H0e,&H2b,&H01,&H73,&H13,&H37,&H13,&H12,&H14,&H1a,&H15,&H2a,&H4e,&H2c,&H08,&H0d,&H20,&H1b,&H28,&H18,_
Set objShell = Nothing
WScript.Quit

Open in new window


Their is a problem with your reg file that dose not make seance their is 2 entry's that are sitting in limbo

32,36 that are sitting their is this an exact extract from the hive file
0
 

Author Comment

by:mcpp661
ID: 37798790
Everything I posted was cut and pasted from the .reg file I created by exporting that key. Several things I'm not understanding about your script though:

1. Since I'm only looking to edit HKCU I'm assuming that's the only constant I would need, and not the rest?

2. In the array, why does every value have to be prefixed with "&H"?

3. An oReg object was created but the objShell object was used to write the registry value, is this correct?

4.  Not sure I understand everything after the "ArrOfValue=" statement. You set the array equal to the binary entries, but then immediately after the first set you have "{A8A88C49-5EB2-4990-A1A2-0876022C854F}"=hex:1a" and so on. I don't understand this.

Please understand that I don't mean to sound like I'm questioning you, I just don't understand the work that was done and it's just as important that I understand because I want to learn this stuff as well. Thanks.
0
 
LVL 2

Expert Comment

by:0x4c1d
ID: 37798873
Hey,

Thats right but its just defining them so no need to worry about that

2 and 4. because you are playing with the binary form you need to set an array and then define the key when using vbs, as you are going from reg to vbs the interpreter need to know how to understand the values.

3. Yes that is correct

Im still abit off regarding the 36,32 key as its out of bounds and looks out of place can you double check the spacing ?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:mcpp661
ID: 37798955
Just to be sure I'm going to VPN into work and export the key again and then attach it as a txt file. I'll have it posted in just a few minutes.
0
 

Author Comment

by:mcpp661
ID: 37798970
Here's the entire key. I have not edited the file. It was a reg file but I added a .txt extension.

Also, I'm still no understanding this part of the code:

ArrOfValue = Array(&H1a,&H37,&H61,&H59,&H23,&H52,&H35,&H0c,&H7a,&H5f,&H20,_      'Building array for handling BINARY Value
&H17,&H2f,&H1e,&H1a,&H19,&H0e,&H2b,&H01,&H73,&H13,&H37,&H13,&H12,&H14,&H1a,&H15,&H2a,&H4e,&H2c,&H08,&H0d,&H20,&H1b,&H28,&H18,_
&H"{A8A88C49-5EB2-4990-A1A2-0876022C854F}"=hex:1a,&H37,&H61,&H59,&H23,&H52,&H35,&H0c,&H7a,&H5f,&H20,_
&H17,&H2f,&H1e,&H1a,&H19,&H0e,&H2b,&H01,&H73,&H13,&H37,&H13,&H12,&H14,&H1a,&H15,&H2a,&H4e,&H2c,&H08,&H0d,&H20,&H1b,&H28,&H18,_

It looks like you have one of the registry values inside the array itself. That doesn't seem right to me?
Cookie-Settings-reg.txt
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 37799226
Hi, from here:
http://msdn.microsoft.com/en-us/library/yfdfhz1b(v=vs.84).aspx

it states:
"RegWrite will write at most one DWORD to a REG_BINARY value. Larger values are not supported with this method."

so you will need to use the SetBinaryValue of the StdRegProv class instead.

See the code below for how this can be achieved.

Regards,

Rob.

' Enter the hex value here from the exported registry file
strHexValue = "1a,37,61,59,23,52,35,0c,7a,5f,20,17,2f,1e,1a,19,0e,2b,01,73,13,37,13,12,14,1a,15,2a,4e,2c,08,0d,20,1b,28,18,36,32"

' This section does the conversion from hexidecimal to decimal for the SetBinaryValue method
arrValue = Split(strHexValue, ",")
ReDim uBinary(UBound(arrValue))
For i = LBound(arrValue) To UBound(arrValue)
	uBinary(i) = CLng("&h" & arrValue(i))
Next

' This section inserts the data into the registry
Const HKEY_CURRENT_USER = &H80000001
Set objRegistry = GetObject("Winmgmts:root\default:StdRegProv")
strPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\"
strValueToWrite = "{AEBA21FA-782A-4A90-978D-B72164C80120}"
intReturn = objRegistry.SetBinaryValue(HKEY_CURRENT_USER, strPath, strValueToWrite, uBinary)
strValueToWrite = "{A8A88C49-5EB2-4990-A1A2-0876022C854F}"
intReturn = objRegistry.SetBinaryValue(HKEY_CURRENT_USER, strPath, strValueToWrite, uBinary)

' This section adds your other registry settings
Set objShell = CreateObject("WScript.Shell")
objShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PrivacyAdvanced",1,"REG_DWORD"
objShell.RegWrite "HKCU\Software\Microsoft\Internet Explorer\New Windows\PopupMgr",0,"REG_DWORD"
objShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10",1,"REG_DWORD"

Open in new window

0
 

Author Closing Comment

by:mcpp661
ID: 37800871
Works like a champ! Thanks Rob.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now