Registry Manager 2008

Registry Manager 2008 is the most comprehensive and powerful registry editing tool available today. It inherits all the best features of the classic KVK Consultancy Registry Manager and adds extended support for the latest Microsoft operating systems.

When a significant new registry data hiding technique was published in late 2008 (Embedded Null characters in registry names) it prompted a re-write of the classic and original Registry Manager application to make it furthur resilient-to / protected-against these techniques.

Registry Manager 2008 offers the following significant improvements:

Full Unicode Support

The original release of Registry Manager was coded for the lowest common denominator as as such employed ANSI character encoding internally. This made for a very compatable application which would easily function in any version of Windows from Windows 95 upwards. However, internally Microsoft where in the process of migrating all their functions to UNICODE equivilent functions. This had begun in Windows 95 but had not been completed by the time of its release. Windows NT was the first fully unicode enabled operating system provided by Microsoft. Window NT internally used the Unicode character set for all of its operations, it provided full compatibilty with the ANSI character encoding standard though and performed implicit and explicit conversions between the two character encoding standards. Registry Manager was first concived in the relatively early days of Windows NT 4. At the time it was though simplest to have it work internally using ANSI strings (Microsoft Quote "The problem was the difficulty in supporting a Unicode application on Windows 95/98/ME; developers had to support those customers as well. Because those platforms do not have the native Unicode support provided by the NT family of operating systems, it was just easier to write non-Unicode applications." - Microsoft).

Why change?

The ASCII (ANSI) encoding system is adequate for the majority for the maintainance of English installations of the Windows registry. However, when it comes to foreign language systems (such as Aribic or Asian character systems) it is an inadquate encoding to fully represent these languages (although it is able to do this via the use of the correct ANSI code page tables to a certain extent).

The UNICODE (Microsoft) encoding system is able to represent nearly every possible character by using 2 to 4 bytes in the per character encoding length. This enables the use of special characters as well as the integration of foreign language characters in an English Language System (to prehaps support a multilingual environment).

As can be ascertained by digesting the above information, UNICODE encoding offers significant advantages (if not just because using it allows for accessing a wider supported range of characters in key and value names).

http://support.microsoft.com/kb/210341/EN-US/

Improved Anti-Virus Methods

The first service pack of Registry Manager added optional Anti-Virus methods to detect and uncover registry data hiding attempts. Since then new data hiding techniques have been uncovered (Embedded Null characters in registry names) by System Internals. Registry Manger has been completely updated to account for, detect and allow access to any thus hidden or protected registry key. In addition to this, Registry Manager has undergone extensive stress testing to ensure that it can access all concievable/creatable registry key and value namings.

Full Windows Vista Support

Windows Vista introduced a range of new security tecniques and new technologies, including:

Registry Manager 2008 functions within the new security model and has improvements which allow it to utilise some of the new Vista UI features.

Full 64 bit Support

Window x64 supports both 32 bit and 64 bit applications. Each application image type (32 bit and 64 bit) is given its own registry view (see article 64 bit Windows and the Registry). Registry Manager now comes in two versions, a 32 bit image and a 64 bit image (both these images are 64 bit aware, read the above article to understand why the 32 bit image needs to be 64 bit aware).

 Return to Latest Links