Os2 Subsystem reinstall

Guest

As part of a hardening project I removed these registry keys:
HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\Optional
HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\Os2
HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\Posix
I did not delete any of the system32 subsystem files.
After doing so I come to find out that a documented DOS application is an Os2 application that runs in a DOS-like window.
Now I need to reinstall the Os2 subsystem portion. I have re-entered the registry keys, restored the original computer settings with setup security.inf, and deleted any registry keys added as part of hardening but the application still does not function. I get the DOS window with c:\winnt\system32\Os2.exe in the Title Bar, a cursor blinking in the upper left corner of the window, and that's all.
This is the same result as with the hardened configuration, so I am stumped about what else to do.
Any suggestions would be greatly appreciated.
 
Dave Patrick

Did you create them as Reg_Expand_Sz strings?

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| As part of a hardening project I removed these registry keys:
| HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\Optional
| HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\Os2
| HKLM\System\CurrentControlSet\Control\Session Manager\SubSystems\Posix
| I did not delete any of the system32 subsystem files.
| After doing so I come to find out that a documented DOS application is an Os2
| application that runs in a DOS-like window.
| Now I need to reinstall the Os2 subsystem portion. I have re-entered the
| registry keys, restored the original computer settings with setup
| security.inf, and deleted
| any registry keys added as part of hardening but the application still does
| not function. I get the DOS window with c:\winnt\system32\Os2.exe in the
| Title Bar,
| a cursor blinking in the upper left corner of the window, and that's all.
| This is the same result as with the hardened configuration, so I am stumped
| about what else to do.
| Any suggestions would be greatly appreciated.
 
Guest

Yes..
Here are the keys and values (comma delimited format). The optional key
viewed in HEX shows Os2 and Posix separated by CrLf.
Name,Type,Value,Last Time Written,Path
optional,REG_MULTI_SZ,Os2...!,,SYSTEM\CurrentControlSet\Control\Session Manager\SubSystem
Os2,REG_EXPAND_SZ,%SystemRoot%\system32\os2ss.exe,,SYSTEM\CurrentControlSet\Control\Session Manager\SubSystem
posix,REG_EXPAND_SZ,%SystemRoot%\system32\psxss.exe,,SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
 
Mark V

In said:
Yes..
Here are the keys and values (comma delimited format). The
optional key viewed in HEX shows Os2 and Posix separated by CrLf.
Name,Type,Value,Last Time Written,Path
optional,REG_MULTI_SZ,Os2...!,,SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
Os2,REG_EXPAND_SZ,%SystemRoot%\system32\os2ss.exe,,SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
posix,REG_EXPAND_SZ,%SystemRoot%\system32\psxss.exe,,SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems

I'll guess your REG_MULTI_SZ is not correct.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
Debug REG_EXPAND_SZ
Kmode REG_EXPAND_SZ %SystemRoot%\system32\win32k.sys
Optional REG_MULTI_SZ Os2\0Posix\0\0
Os2 REG_EXPAND_SZ %SystemRoot%\system32\os2ss.exe
Posix REG_EXPAND_SZ %SystemRoot%\system32\psxss.exe
Required REG_MULTI_SZ Debug\0Windows\0\0
(W2K)

There are Nul terminators for each string and one to end the data.

Hex:
4F0073003200000050006F0073006900780000000000
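
The REG_MULTI_SZ layout described in the post above (each string NUL-terminated, plus one NUL to end the data), checked against raw bytes. This is an added example, not part of the original thread; the function names and the CrLf-separated sample are constructed for illustration, and the value names are the ones in the listing above.

```python
# Added example: decode and audit REG_MULTI_SZ data (UTF-16LE) as raw bytes.
PAGE_HEX = "4F0073003200000050006F0073006900780000000000"  # hex quoted in the thread

def encode_multi_sz(strings):
    """Build REG_MULTI_SZ bytes: every string NUL-terminated, then one final NUL."""
    return "".join(s + "\0" for s in strings).encode("utf-16-le") + b"\x00\x00"

def decode_multi_sz(raw):
    """Return (strings, problems) for raw REG_MULTI_SZ bytes."""
    problems = []
    if len(raw) % 2:
        problems.append("odd byte count, not UTF-16LE")
        raw = raw[:-1]
    text = raw.decode("utf-16-le", errors="replace")
    if not text.endswith("\0\0"):
        problems.append("no extra NUL ending the list")
    body = text.rstrip("\0")
    strings = body.split("\0") if body else []
    for s in strings:
        if "\r" in s or "\n" in s:
            problems.append(f"CR/LF inside entry {s!r}: entries must be NUL-separated")
    return strings, problems

def audit_optional(raw, value_names):
    """Decode the Optional value and check each entry names a value under SubSystems."""
    strings, problems = decode_multi_sz(raw)
    known = {n.lower() for n in value_names}  # registry value names are case-insensitive
    for s in strings:
        if s.lower() not in known:
            problems.append(f"entry {s!r} has no matching value under SubSystems")
    return strings, problems

# Constructed sample of the broken value described in the thread:
# one string with CrLf between the names instead of two NUL-terminated strings.
BAD = "Os2\r\nPosix\0\0".encode("utf-16-le")
# Value names taken from the SubSystems listing in the post above.
VALUES = ["Debug", "Kmode", "Optional", "Os2", "Posix", "Required"]

if __name__ == "__main__":
    samples = (("page hex", bytes.fromhex(PAGE_HEX)), ("CrLf-separated", BAD))
    for label, raw in samples:
        strings, problems = audit_optional(raw, VALUES)
        print(label, strings, problems or "OK")
```
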
 
Guest

That was it.
Thanks for your assistance.
Ted.
