Does anyone have a TrueCrypt entry for Winapp2.ini that they will share?


GWaite

Politeness... (and self-preservation) :)

 

I'm a consultant - I keep my corporate and customer data in a TrueCrypt volume on a portable drive - (with TrueCrypt portable on there also). Often, I will plug into a customer's computer to get at some info that I need.

 

Sometimes I get questions about the registry entries that I've left on a customer's workstation. I would just like to "clean up after myself" and save the customer and myself some discomfort.

 

TrueCrypt only makes a couple of registry entries - and I know which ones those are. But a RegScan usually shows 40+ keys that have "TrueCrypt" in them. About 38+ of these are ones that Windows creates in the course of TrueCrypt running.

 

Some values are simple strings - some are embedded in bags - some are written in unicode text. Most of these keys are "Explorer" or menu related - and some of them have associated GUIDs. Since I don't know the significance of the relationship between these keys and Windows - I don't know which ones are safe to delete.

 

GWaite


  • Moderators

I don't know about removing the stuff Windows will add into Bags; however, for the rest of the settings a simple homemade .REG you could run from your USB drive could get rid of most settings.

 

Info here on how to make .REG files delete settings:

http://www.pcreview.co.uk/forums/delete-key-using-reg-file-t1581446.html


When searching for keys holding the value "TrueCrypt" also look for "Gehrpelcg"

 

I forget what I was looking for in sundry Windows Logs/Bags/etc, but I noticed reference to a weird file located in P:\.

 

I never had any drive P:\ and I chased that to death in case Malware had installed something horrible.

I Googled the specific P:\{file name now forgotten} and got a perfect match.

It was actually a standard common file after ROT13 encryption which had converted C:\ to P:\

Rot13 is something sneaky that I had not realised was used by M.S. to conceal how much it knew of what files I used.

 

This is the on-line site which converted "TrueCrypt" to "Gehrpelcg"

http://faqintosh.com/risorse/en/othutil/webapps/rot13/

 

N.B. Run ROT13 a second time and you are back to the original.


Hi Alan_B... Thanks for reminding me... I had forgotten about the UserAssist key.

 

(FYI: The subkeys there are where Microsoft keeps a list of all of the programs that you access, so they can display the "Most frequently used" program list on your Start Menu).

 

Microsoft obfuscated (with ROT-13) the entries there so that if some tech was working on your machine and searching the Registry, they would not just "stumble" across the list of programs you had been running -- (Microsoft is a kind of "don't ask, don't tell" organization).

:)

 

(Note: If anybody cares, you can just delete the UserAssist key whenever you want - MS will rebuild it the next time you reboot).

 

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist

 

Anyway Alan_B, I'm not worried about the UserAssist key. If a customer knows about it and is going there and using a ROT-13 program to determine what programs I was running; I've got a pretty smart (and paranoid) customer and some serious trust relationship problems between us.

 

Normally, this whole issue comes up because a customer's IT person is doing some work on the machine and running some cheap "malware detector" that finds "TrueCrypt" in the registry and labels it as a "Possible TROJAN!!!" -- then they start talking about "spyware and malware and that damned consultant". It just takes a ton of my time to explain, and then calm the ruffled feathers of my customer (and the IT dummy). That's why I am looking for something to get rid of all of the CR*P that Windows shoves in the Registry about TrueCrypt when I use it -- just so I can get some "billable" work done.

 

Thanks again Alan_B -- UserAssist took me on a trip down memory lane...

------------

I've been around long enough that I knew Bill and Paul when they were starting up and had their dinky ads for BASIC in the Dr. Dobbs "newsletter" - (it wasn't even a magazine yet! -- "Running lite with overbyte").

They had a little "BASIC OS" they were working on - (WAY before DOS) -- and I was trying to get them to port it to the Intertec SuperBrain.

------------

 

GWaite


  • Moderators

For those who are wondering what Rot13 is, it is a Caesar-cypher encryption that replaces each English letter with the one 13 places forward or back along the alphabet. Microsoft uses this method to hide reg entries to 'protect' you.

 

There have been a couple of threads on the forum where Rot13 was mentioned; the last one you took part in, Alan, and also mentioned P:\

 

http://forum.piriform.com/index.php?showtopic=27662#entry166500

 

Support contact

https://support.ccleaner.com/s/contact-form?language=en_US&form=general

or

support@ccleaner.com
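
The search tip and the ROT13 explanation in the posts above, as an added example that is not part of the original thread: Python that scans a list of registry value names for a term in both its plain and ROT13 forms and decodes the hits. The sample names are constructed, and `find_traces` and `SAMPLE_NAMES` are hypothetical names used only for illustration.

```python
import codecs


def rot13(text: str) -> str:
    """Rotate A-Z and a-z by 13 places; digits, ':' and '\\' pass through.

    Applying it twice returns the original string."""
    return codecs.encode(text, "rot_13")


def find_traces(value_names, term):
    """Return (stored_name, readable_name, form) for each name containing
    `term`, either as written or in its ROT13 form (case-insensitive)."""
    plain = term.lower()
    hidden = rot13(term).lower()
    hits = []
    for name in value_names:
        lowered = name.lower()
        if plain in lowered:
            hits.append((name, name, "plain"))
        elif hidden in lowered:
            # Stored obfuscated: decode the whole name for the report.
            hits.append((name, rot13(name), "rot13"))
    return hits


# Constructed sample value names (not taken from a real machine).
SAMPLE_NAMES = [
    r"P:\Jvaqbjf\abgrcnq.rkr",               # C:\Windows\notepad.exe
    r"R:\GehrPelcg\GehrPelcg.rkr",           # ROT13 of a TrueCrypt path
    r"E:\TrueCrypt\TrueCrypt Format.exe",    # stored in plain text
    r"P:\Hfref\qrzb\Qrfxgbc\ercbeg2010.qbp", # unrelated document
]

if __name__ == "__main__":
    for stored, readable, form in find_traces(SAMPLE_NAMES, "TrueCrypt"):
        print(f"[{form}] {stored} -> {readable}")
```

On Windows, the list of names could be gathered with the standard-library `winreg` module instead of the constructed sample.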

 

I had forgotten that post

 

I am afraid - very very afraid.

Another lady like my wife who remembers everything I ever said better than I, and has the power to hold it against me ! ! !

It's not fair at all! :P How do they do that?

 

But on the bright side you can trust Hazel ... if she said the world was flat, I'd sell my old globe map.

The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-)

Pssssst: ... It isn't really a cloud. It's a bunch of big, giant servers.


ROT13 is available as a little standalone exe file, no install needed. See HERE.

 

Winapp, how can you suspect our Hazel of chicanery? I'm aghast.
