1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Useful security tip

Discussion in 'Earlier Versions of Windows' started by TonyKlein, Jan 21, 2002.

Thread Status:
Not open for further replies.
Advertisement
  1. TonyKlein

    TonyKlein Malware Specialist Thread Starter

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    I came across this one at http://www.wilders.org/ , and I thought it was worth while sharing:

    Windows(98) has a built in bit that allows outsiders
    (any site) to read, write, and edit (in other words, to "hack") your Windows
    registry. This can cause many problems for you, such as making your browser
    behave strangely, changing your homepage, causing programs to hang up or not function, and launching
    programs you don't want to run.

    The Windows program that allows the hacking is called REGWIZC.DLL
    (registry wizard control module).

    The good news is that you can disable it so that it does not allow scripts on
    web sites you visit to hack your registry. Here is how to disable it:

    1. Click on - taskbar/start menu/run
    2. Copy and paste the following line into the run field:
    regsvr32.exe -u c:\windows\system\regwizc.dll
    3. Click OK. You should get a popup message confirming the successful disabling
    of regwizc.dll.

    It is also possible to re-enable regwizc.dll, if you should later decide to allow
    outsiders to get into your registry. I can't think of any reason why you should,
    but this is how to do it:

    1. Click on - taskbar/start menu/run
    2. Copy and paste the following line into the run field:
    regsvr32.exe -c c:\windows\system\regwizc.dll
    3. Click OK. You should get a popup message confirming the successful disabling of
    regwizc.dll.

    Good luck,
     
  2. Signature

    Signature

    Joined:
    Sep 15, 2001
    Messages:
    650
    <font face="comic sans ms" color="#577ac6">I went to Microsoft's <a href="http://support.microsoft.com/servicedesks/fileversion/dllinfo.asp">DLL Help Database</a> and looked up REGWIZC.DLL - (File Name: "regwizc.dll" > click the "Submit" button > then click the "More Information" link)
    I wanted to know what a "Registry Wizard Control Module" was really for, you know, other than to allow outsiders to get into your registry. :D
    I noticed that there are a number of products listed there, beyond Windows 98, that contain REGWIZC.DLL, (of which I still don't know it's legitimate intended use, exactly).
    Should everyone that has a REGWIZC.DLL disable it, or just Windows 98 users in particular?</font>
     
  3. TonyKlein

    TonyKlein Malware Specialist Thread Starter

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    Hi Signature,

    It appears that the main vulnerability is with Windows 98 and possibly ME.

    It is sometimes advised to unregister the MS Registration Wizard in Windows XP as well, but that's more in order to disable the 'call home' feature.
     
  4. Shamrock

    Shamrock

    Joined:
    Dec 3, 1999
    Messages:
    789
    Do you know what the REGWIZC.DLL is supposed to do? What happens if you disable it?
     
  5. deanas

    deanas

    Joined:
    Dec 19, 2001
    Messages:
    149
    Tony:
    Are you sure this is safe to do? I tried it and it messed
    up my session something fierce. I finally had to power
    down and restart. So far the restart seems to be working
    but sure gave me a fits.
     
  6. TonyKlein

    TonyKlein Malware Specialist Thread Starter

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    I'm 110% sure this is safe to do.

    It must have been a coincidence.
     
  7. TonyKlein

    TonyKlein Malware Specialist Thread Starter

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    It's function is to register Windows 98 after you've installed it
    And if you disable it, you won't be able to do that again....

    And should you need to register Windows again, you can always re- register it.

    One other article about it: http://www.windows-help.net/windows98/troub-40.shtml
     
  8. Signature

    Signature

    Joined:
    Sep 15, 2001
    Messages:
    650
    <font face="comic sans ms" color="#577ac6">Thanks Tony. :)</font>
     
  9. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
  10. TonyKlein

    TonyKlein Malware Specialist Thread Starter

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    Phil,

    It sounds suspiciously like it, although no mention is made of regwizc.dll itself.

    In that case it does seem to be old hat.

    To be fair, the Windows Help-net article turns out to date from 1999, but the Wilders.org article is a very recent addition: it was added 12/13/2001

    Although this usually is a pretty trustworthy site, it's certainly possible that they're off the mark here.
     
  11. WhitPhil

    WhitPhil Gone but never forgotten Trusted Advisor

    Joined:
    Oct 4, 2000
    Messages:
    8,684
    Tony:
    The Registration wizard is one of the affected activex controls in the first link, "7) Registration Wizard: Internet Explorer Product Registration"

    I agree about Wilders, but in this case I don't believe the info is valid any longer. It starts as being suspicious when the DLL is called the "registry" wizard control module, when in reality it is the "Registration" wizard control module.
     
  12. TonyKlein

    TonyKlein Malware Specialist Thread Starter

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    You're right, the file is mentioned specifically.

    I must remember to read articles before commenting on them...

    Tnx!
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/65700

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice