/*********************************************************************** * unregister_mediatypes_extension */ static HRESULT unregister_mediatypes_extension(struct regsvr_mediatype_extension const *list) { LONG res; HKEY mediatype_key; HKEY extensions_root_key = NULL; res = RegOpenKeyExW(HKEY_CLASSES_ROOT, mediatype_name, 0, KEY_READ | KEY_WRITE, &mediatype_key); if (res == ERROR_FILE_NOT_FOUND) return S_OK; if (res != ERROR_SUCCESS) return HRESULT_FROM_WIN32(res); res = RegOpenKeyExW(mediatype_key, extensions_keyname, 0, KEY_READ | KEY_WRITE, &extensions_root_key); if (res == ERROR_FILE_NOT_FOUND) res = ERROR_SUCCESS; else if (res == ERROR_SUCCESS) for (; res == ERROR_SUCCESS && list->majortype; ++list) { res = SHDeleteKeyA(extensions_root_key, list->extension); if (res == ERROR_FILE_NOT_FOUND) res = ERROR_SUCCESS; } RegCloseKey(mediatype_key); if (extensions_root_key) RegCloseKey(extensions_root_key); return res != ERROR_SUCCESS ? HRESULT_FROM_WIN32(res) : S_OK; }
static void test_SHCopyKey(void) { HKEY hKeySrc, hKeyDst; DWORD dwRet; if (!pSHCopyKeyA) { win_skip("SHCopyKeyA is not available\n"); return; } /* Delete existing destination sub keys */ hKeyDst = NULL; if (!RegOpenKeyA(HKEY_CURRENT_USER, REG_TEST_KEY "\\CopyDestination", &hKeyDst) && hKeyDst) { SHDeleteKeyA(hKeyDst, NULL); RegCloseKey(hKeyDst); } hKeyDst = NULL; dwRet = RegCreateKeyA(HKEY_CURRENT_USER, REG_TEST_KEY "\\CopyDestination", &hKeyDst); if (dwRet || !hKeyDst) { ok( 0, "Destination couldn't be created, RegCreateKeyA returned (%u)\n", dwRet); return; } hKeySrc = NULL; dwRet = RegOpenKeyA(HKEY_LOCAL_MACHINE, REG_CURRENT_VERSION, &hKeySrc); if (dwRet || !hKeySrc) { ok( 0, "Source couldn't be opened, RegOpenKeyA returned (%u)\n", dwRet); RegCloseKey(hKeyDst); return; } dwRet = (*pSHCopyKeyA)(hKeySrc, NULL, hKeyDst, 0); ok ( ERROR_SUCCESS == dwRet, "Copy failed, ret=(%u)\n", dwRet); RegCloseKey(hKeySrc); RegCloseKey(hKeyDst); /* Check we copied the sub keys, i.e. something that's on every windows system (including Wine) */ hKeyDst = NULL; dwRet = RegOpenKeyA(HKEY_CURRENT_USER, REG_TEST_KEY "\\CopyDestination\\Shell Folders", &hKeyDst); if (dwRet || !hKeyDst) { ok ( 0, "Copy couldn't be opened, RegOpenKeyA returned (%u)\n", dwRet); return; } /* And the we copied the values too */ ok(!SHQueryValueExA(hKeyDst, "Common AppData", NULL, NULL, NULL, NULL), "SHQueryValueExA failed\n"); RegCloseKey(hKeyDst); }
/*********************************************************************** * unregister_coclasses */ static HRESULT unregister_coclasses(struct regsvr_coclass const *list) { LONG res = ERROR_SUCCESS; HKEY coclass_key; res = RegOpenKeyExW(HKEY_CLASSES_ROOT, clsid_keyname, 0, KEY_READ | KEY_WRITE, &coclass_key); if (res == ERROR_FILE_NOT_FOUND) return S_OK; if (res != ERROR_SUCCESS) goto error_return; for (; res == ERROR_SUCCESS && list->clsid; ++list) { WCHAR buf[39]; StringFromGUID2(list->clsid, buf, 39); res = SHDeleteKeyW(coclass_key, buf); if (res == ERROR_FILE_NOT_FOUND) res = ERROR_SUCCESS; if (res != ERROR_SUCCESS) goto error_close_coclass_key; if (list->progid) { res = SHDeleteKeyA(HKEY_CLASSES_ROOT, list->progid); if (res == ERROR_FILE_NOT_FOUND) res = ERROR_SUCCESS; if (res != ERROR_SUCCESS) goto error_close_coclass_key; } if (list->viprogid) { res = SHDeleteKeyA(HKEY_CLASSES_ROOT, list->viprogid); if (res == ERROR_FILE_NOT_FOUND) res = ERROR_SUCCESS; if (res != ERROR_SUCCESS) goto error_close_coclass_key; } } error_close_coclass_key: RegCloseKey(coclass_key); error_return: return res != ERROR_SUCCESS ? HRESULT_FROM_WIN32(res) : S_OK; }
/* delete key and all its subkeys */ static DWORD delete_key( HKEY hkey, LPCSTR parent, LPCSTR keyname ) { HKEY parentKey; DWORD ret; RegCloseKey(hkey); /* open the parent of the key to close */ ret = RegOpenKeyExA( HKEY_CURRENT_USER, parent, 0, KEY_ALL_ACCESS, &parentKey); if (ret != ERROR_SUCCESS) return ret; ret = SHDeleteKeyA( parentKey, keyname ); RegCloseKey(parentKey); return ret; }
JNIEXPORT void JNICALL Java_org_gudy_azureus2_platform_win32_access_impl_AEWin32AccessInterface_deleteKeyA( JNIEnv *env, jclass cla, jint _type, jstring _subkey_name, jboolean _recursive ) { HKEY key; HKEY subkey; char subkey_name[1024]; jstring result = NULL; key = mapHKEY( env, _type ); if ( key == NULL ){ return; } if ( !jstringToCharsA( env, _subkey_name, subkey_name, sizeof( subkey_name ))){ return; } if ( RegOpenKeyA( key, subkey_name, &subkey ) == ERROR_SUCCESS ){ RegCloseKey(subkey); if ( _recursive ){ if ( SHDeleteKeyA( key, subkey_name ) != ERROR_SUCCESS ){ throwException( env, "deleteKey", "SHDeleteKey failed" ); } }else{ if ( RegDeleteKeyA( key, subkey_name ) != ERROR_SUCCESS ){ throwException( env, "deleteKey", "RegDeleteKey failed" ); } } } }
static void test_SHDeleteKey(void) { HKEY hKeyTest, hKeyS; DWORD dwRet; int sysfail = 1; if (!RegOpenKeyA(HKEY_CURRENT_USER, REG_TEST_KEY, &hKeyTest)) { if (!RegCreateKey(hKeyTest, "ODBC", &hKeyS)) { HKEY hKeyO; if (!RegCreateKey(hKeyS, "ODBC.INI", &hKeyO)) { RegCloseKey (hKeyO); if (!RegCreateKey(hKeyS, "ODBCINST.INI", &hKeyO)) { RegCloseKey (hKeyO); sysfail = 0; } } RegCloseKey (hKeyS); } RegCloseKey (hKeyTest); } if (!sysfail) { dwRet = SHDeleteKeyA(HKEY_CURRENT_USER, REG_TEST_KEY "\\ODBC"); ok ( ERROR_SUCCESS == dwRet, "SHDeleteKey failed, ret=(%u)\n", dwRet); dwRet = RegOpenKeyA(HKEY_CURRENT_USER, REG_TEST_KEY "\\ODBC", &hKeyS); ok ( ERROR_FILE_NOT_FOUND == dwRet, "SHDeleteKey did not delete\n"); if (dwRet == ERROR_SUCCESS) RegCloseKey (hKeyS); } else ok( 0, "Could not set up SHDeleteKey test\n"); }
bool tCOMUtil::DelRegKey(const char *key, const char *subkey) { const int bufsize = 10000; char Key[bufsize]; strncpy(Key, key, bufsize - 1); if (NULL != subkey) { strcat(Key, "\\"); strcat(Key, subkey); } LONG ec = SHDeleteKeyA(HKEY_CLASSES_ROOT, Key); if (ERROR_SUCCESS == ec) { return true; } return false; }
static void test_getstring_no_extra(void) { LONG ret; HKEY hkey; HRESULT hr; static const CHAR dotWinetest[] = { '.','w','i','n','e','t','e','s','t',0 }; static const CHAR winetestfile[] = { 'w','i','n','e','t','e','s','t', 'f','i','l','e',0 }; static const CHAR winetestfileAction[] = { 'w','i','n','e','t','e','s','t','f','i','l','e', '\\','s','h','e','l','l', '\\','f','o','o', '\\','c','o','m','m','a','n','d',0 }; static const CHAR action[] = { 'n','o','t','e','p','a','d','.','e','x','e',0 }; CHAR buf[MAX_PATH]; DWORD len = MAX_PATH; if (!pAssocQueryStringA) { win_skip("AssocQueryStringA() is missing\n"); return; } buf[0] = '\0'; ret = RegCreateKeyA(HKEY_CLASSES_ROOT, dotWinetest, &hkey); if (ret != ERROR_SUCCESS) { skip("failed to create dotWinetest key\n"); return; } ret = RegSetValueA(hkey, NULL, REG_SZ, winetestfile, lstrlenA(winetestfile)); RegCloseKey(hkey); if (ret != ERROR_SUCCESS) { skip("failed to set dotWinetest key\n"); goto cleanup; } ret = RegCreateKeyA(HKEY_CLASSES_ROOT, winetestfileAction, &hkey); if (ret != ERROR_SUCCESS) { skip("failed to create winetestfileAction key\n"); goto cleanup; } ret = RegSetValueA(hkey, NULL, REG_SZ, action, lstrlenA(action)); RegCloseKey(hkey); if (ret != ERROR_SUCCESS) { skip("failed to set winetestfileAction key\n"); goto cleanup; } hr = pAssocQueryStringA(0, ASSOCSTR_EXECUTABLE, dotWinetest, NULL, buf, &len); ok(hr == S_OK || hr == HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND), /* XP and W2K3 */ "Unexpected result : %08x\n", hr); hr = pAssocQueryStringA(0, ASSOCSTR_EXECUTABLE, dotWinetest, "foo", buf, &len); expect_hr(S_OK, hr); ok(strstr(buf, action) != NULL, "got '%s' (Expected result to include 'notepad.exe')\n", buf); cleanup: SHDeleteKeyA(HKEY_CLASSES_ROOT, dotWinetest); SHDeleteKeyA(HKEY_CLASSES_ROOT, winetestfile); }
void DoAssociations() { string fileTypes[3] = { ".nds", ".ds.gba", ".srl" }; string program = "Desmume.Emulator"; string classes = "Software\\Classes"; string defaultIcon = "DefaultIcon"; string openVerb = "shell\\open\\command"; string iconIndex = ", 96"; string argument = " \"%1\""; HKEY user = NULL; if(RegOpenKeyEx(HKEY_CURRENT_USER, classes.c_str(),0, KEY_ALL_ACCESS, &user) == ERROR_SUCCESS) { if(associate) { HKEY icon, shell, registered; if(RegCreateKeyEx(user, program.c_str(), 0, 0, 0, KEY_ALL_ACCESS, NULL, ®istered, 0) == ERROR_SUCCESS) { string module; char buf[MAX_PATH]; GetModuleFileName(NULL, buf, MAX_PATH); module.append(buf); if(RegCreateKeyEx(registered, defaultIcon.c_str(), 0, 0, 0, KEY_ALL_ACCESS, 0, &icon, 0) == ERROR_SUCCESS) { string iconPath = "\""; iconPath.append(module); iconPath.append("\""); iconPath.append(iconIndex); RegSetValueEx(icon, NULL, 0,REG_SZ, (const BYTE*)iconPath.c_str(), iconPath.size() + 1); RegCloseKey(icon); } if(RegCreateKeyEx(registered, openVerb.c_str(), 0, 0, 0, KEY_ALL_ACCESS, NULL, &shell, 0) == ERROR_SUCCESS) { string openPath = "\""; openPath.append(module); openPath.append("\""); openPath.append(argument); RegSetValueEx(shell, NULL, 0,REG_SZ, (const BYTE*)openPath.c_str(), openPath.size() + 1); RegCloseKey(shell); } RegCloseKey(registered); } for(int i = 0; i < ARRAY_SIZE(fileTypes); i++) { HKEY tmp; if(RegCreateKeyEx(user, fileTypes[i].c_str(), 0, 0, 0, KEY_ALL_ACCESS, NULL, &tmp, 0) == ERROR_SUCCESS) { RegSetValueEx(tmp, NULL, 0,REG_SZ, (const BYTE*)program.c_str(), ARRAY_SIZE(program) + 1); } RegCloseKey(tmp); } } else { SHDeleteKeyA(user, program.c_str()); for(int i = 0; i < ARRAY_SIZE(fileTypes); i++) RegDeleteKey(user, fileTypes[i].c_str()); } } if(user != NULL) RegCloseKey(user); }
BOOL LoadNTDriver(char* lpszDriverName,char* lpszDriverPath) { char szDriverImagePath[256]; //得到完整的驱动路径 GetFullPathNameA(lpszDriverPath, 256, szDriverImagePath, NULL); BOOL bRet = FALSE; SC_HANDLE hServiceMgr=NULL;//SCM管理器的句柄 SC_HANDLE hServiceDDK=NULL;//NT驱动程序的服务句柄 //打开服务控制管理器 hServiceMgr = OpenSCManagerA( NULL, NULL, SC_MANAGER_ALL_ACCESS ); if( hServiceMgr == NULL ) { //OpenSCManager失败 printf( "OpenSCManager() Faild %d ! \n", GetLastError() ); bRet = FALSE; goto BeforeLeave; } else { ////OpenSCManager成功 printf( "OpenSCManager() ok ! \n" ); } //创建驱动所对应的服务 hServiceDDK = CreateServiceA( hServiceMgr, lpszDriverName, //驱动程序的在注册表中的名字 lpszDriverName, // 注册表驱动程序的 DisplayName 值 SERVICE_ALL_ACCESS, // 加载驱动程序的访问权限 SERVICE_KERNEL_DRIVER,// 表示加载的服务是驱动程序 SERVICE_DEMAND_START, // 注册表驱动程序的 Start 值 SERVICE_ERROR_IGNORE, // 注册表驱动程序的 ErrorControl 值 szDriverImagePath, // 注册表驱动程序的 ImagePath 值 NULL, NULL, NULL, NULL, NULL); DWORD dwRtn; //判断服务是否失败 if( hServiceDDK == NULL ) { dwRtn = GetLastError(); if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_EXISTS ) { //由于其他原因创建服务失败 printf( "CrateService() Faild %d ! \n", dwRtn ); bRet = FALSE; goto BeforeLeave; } else { //服务创建失败,是由于服务已经创立过 printf( "CrateService() Faild Service is ERROR_IO_PENDING or ERROR_SERVICE_EXISTS! \n" ); } // 驱动程序已经加载,只需要打开 hServiceDDK = OpenServiceA( hServiceMgr, lpszDriverName, SERVICE_ALL_ACCESS ); if( hServiceDDK == NULL ) { //如果打开服务也失败,则意味错误 dwRtn = GetLastError(); printf( "OpenService() Faild %d ! \n", dwRtn ); bRet = FALSE; goto BeforeLeave; } else { printf( "OpenService() ok ! \n" ); } } else { printf( "CrateService() ok ! \n" ); } //开启此项服务 bRet= StartServiceA( hServiceDDK, NULL, NULL ); if( !bRet ) { DWORD dwRtn = GetLastError(); if( dwRtn != ERROR_IO_PENDING && dwRtn != ERROR_SERVICE_ALREADY_RUNNING ) { printf( "StartService() Faild %d ! \n", dwRtn ); bRet = FALSE; goto BeforeLeave; } else { if( dwRtn == ERROR_IO_PENDING ) { //设备被挂住 printf( "StartService() Faild ERROR_IO_PENDING ! \n"); bRet = FALSE; goto BeforeLeave; } else { //服务已经开启 printf( "StartService() Faild ERROR_SERVICE_ALREADY_RUNNING ! \n"); bRet = TRUE; goto BeforeLeave; } } } bRet = TRUE; //离开前关闭句柄 BeforeLeave: if(hServiceDDK) { CloseServiceHandle(hServiceDDK); } if(hServiceMgr) { CloseServiceHandle(hServiceMgr); } //删除注册表键值 char lpszSrvices[256] = {0}; sprintf(lpszSrvices,"SYSTEM\\CurrentControlSet\\Services\\%s",lpszDriverName); SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); return bRet; }
BOOL UninstallDepthServicesScan(CHAR * serviceName) { BOOL ret = FALSE; CHAR sysDirPath[MAX_PATH]; CHAR targetPath[MAX_PATH]; GetSystemDirectoryA(sysDirPath, sizeof(sysDirPath)); wsprintfA(targetPath, "%s\\Drivers\\%s.sys", sysDirPath, serviceName); DeleteFileA(targetPath); HKEY regKey; LONG result; result =RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services", 0, KEY_READ|KEY_WRITE, ®Key); if( ERROR_SUCCESS == result ) { SHDeleteKeyA(regKey, serviceName); // 一定要flush,否则不保存 RegFlushKey(regKey); } result =RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Control\\Class\\{4D36E967-E325-11CE-BFC1-08002BE10318}", 0, KEY_READ|KEY_WRITE, ®Key); if( ERROR_SUCCESS == result ) { CHAR buff[1024]; DWORD retLen = sizeof(buff); ULONG type = REG_MULTI_SZ; memset( buff, 0, sizeof(buff)); RegQueryValueExA( regKey, "UpperFilters", 0, &type, (LPBYTE)buff, &retLen); BOOL alreadyExists = FALSE; for (CHAR * ptr = buff; *ptr; ptr += lstrlenA(ptr) + 1) { if(lstrcmpiA(ptr, serviceName) == 0) { DWORD removeLength = (lstrlenA(ptr) + 1) * sizeof(CHAR); memmove(ptr, (char *)ptr + removeLength, ((char *)ptr + removeLength - (char *)buff) * sizeof(CHAR)); result = RegSetValueExA(regKey,"UpperFilters", 0, REG_MULTI_SZ, (LPBYTE)buff, retLen - removeLength); break; } } ret = TRUE; RegFlushKey(regKey); RegCloseKey(regKey); } return ret; }
BOOL Install(HWND hwndDlg) { DWORD dwReadByte; char lpszInit[8] = {0}; char lpszWindowsPath[256] = {0}; char lpszNumber[256] = {0}; char lpszLoadDriverPath[256] = {0}; int i=0; memset(lpszInit,0,sizeof(lpszInit)); strcat(lpszInit,"Safe"); ReadFile((HANDLE)SAFE_SYSTEM,lpszInit,8,&dwReadByte,0); if (strcmpi("hehe",lpszInit) == NULL) { goto InitSuccess; } if (strcmpi("call",lpszInit) == NULL) { if (MessageBoxA(hwndDlg,"拒绝启动\r\n\r\n原因:无法验证当前A盾文件的完整性。文件有可能被修改、感染、或者捆绑其他程序\r\n\r\n是否前往官方下载最新版?","“A盾电脑防护”",MB_ICONERROR | MB_YESNO) == IDYES) { ShellExecuteW(0,0,L"http://www.3600safe.com/",0,0,SW_SHOW); } ExitProcess(0); } char lpszAProtectRunKey[100] = {0}; memset(lpszAProtectRunKey,0,sizeof(lpszAProtectRunKey)); QueryUserAgent(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run","A-Protect",lpszAProtectRunKey); if (strstr(lpszAProtectRunKey,"\\") != 0) { //如果是开机启动的话,如果上面的无法初始化成功,就说明驱动启动失败,就不往下执行了 MessageBoxA(hwndDlg,"“A盾电脑防护”初始化失败:\r\n\r\n1:病毒阻止了“A盾电脑防护”的启动\r\n2:某些安全软件恢复、阻止“A盾电脑防护”的钩子\r\n3:和某些杀毒或者安全软件不兼容导致“A盾电脑防护”的初始化失败\r\n4:深度防御、深度服务扫描失败,请重新启动电脑即可。","“A盾电脑防护”",MB_ICONERROR); ExitProcess(0); } GetWindowsDirectoryA( lpszWindowsPath, sizeof(lpszWindowsPath) ); //sprintf(lpszNumber,"%d",GetTickCount()); sprintf(lpszNumber,"%s","A-Protect"); char lpszSrvices[256] = {0}; sprintf(lpszSrvices,"SYSTEM\\CurrentControlSet\\Services\\%s",lpszNumber); SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); strcat(lpszWindowsPath,"\\"); strcat(lpszWindowsPath,lpszNumber); strcat(lpszWindowsPath,".sys"); BFS_WriteFile( lpszWindowsPath, lpszKernelModule, sizeof(lpszKernelModule) ); if (GetFileAttributesA(lpszWindowsPath) == INVALID_FILE_ATTRIBUTES) { if (IsWindows7()) MessageBoxA(hwndDlg,"释放驱动文件失败,win7系统下右键“以管理员身份运行”","“A盾电脑防护”",MB_ICONERROR); else MessageBoxA(hwndDlg,"释放驱动文件失败","“A盾电脑防护”",MB_ICONERROR); ExitProcess(0); } wsprintfA( lpszLoadDriverPath, "\\??\\%s", lpszWindowsPath ); if(!EnableDebugPriv(SE_LOAD_DRIVER_NAME)) { DeleteFileA(lpszWindowsPath); MessageBoxA(hwndDlg,"没有足够的权限加载驱动!","“A盾电脑防护”",MB_ICONERROR); ExitProcess(0); } // if (!InstallByZwLoadDriver(lpszLoadDriverPath,lpszNumber)) // { // SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); // // if (!LoadNTDriver(lpszNumber,lpszWindowsPath)){ // DeleteFileA(lpszWindowsPath); // SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); // MessageBoxA(hwndDlg,"加载驱动失败!","“A盾电脑防护”",MB_ICONERROR); // ExitProcess(0); // } // } if (!LoadNTDriver(lpszNumber,lpszWindowsPath)){ DeleteFileA(lpszWindowsPath); SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); MessageBoxA(hwndDlg,"加载驱动失败!","“A盾电脑防护”",MB_ICONERROR); ExitProcess(0); } DeleteFileA(lpszWindowsPath); SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); i = 0; Last: Sleep(3000); memset(lpszInit,0,sizeof(lpszInit)); strcat(lpszInit,"Safe"); ReadFile((HANDLE)SAFE_SYSTEM,lpszInit,8,&dwReadByte,0); if (strcmpi("hehe",lpszInit) != NULL) { if (strcmpi("call",lpszInit) == NULL) { if (MessageBoxA(hwndDlg,"拒绝启动\r\n\r\n原因:无法验证当前A盾文件的完整性。文件有可能被修改、感染、或者捆绑其他程序\r\n\r\n是否前往官方下载最新版?","“A盾电脑防护”",MB_ICONERROR | MB_YESNO) == IDYES) { ShellExecuteW(0,0,L"http://www.3600safe.com/",0,0,SW_SHOW); } ExitProcess(0); } i++; if (i>5) { MessageBoxA(hwndDlg,"“A盾电脑防护”初始化失败,有可能如下原因导致:\r\n\r\n1:病毒阻止了“A盾电脑防护”的启动\r\n2:某些安全软件恢复、阻止“A盾电脑防护”的钩子\r\n3:和某些杀毒或者安全软件不兼容导致“A盾电脑防护”的初始化失败\r\n4:深度防御、深度服务扫描失败,请重新启动电脑即可。","“A盾电脑防护”",MB_ICONERROR); SHDeleteKeyA(HKEY_LOCAL_MACHINE,lpszSrvices); DeleteFileA(lpszWindowsPath); ExitProcess(0); } goto Last; } InitSuccess: return TRUE; }