 |
yronium
Level: Moderator
Registered: 14-04-2002
Posts: 907
|
Re: start up
Hello. It doesn't make much sense.
When Windows is running in Safe mode, it doesn't load all its drivers, but only those small parts to work in a low quality session. The display adapter, the sound card, the printer, the screen, the scanner are not working. Also the 32bit drivers are not loaded, so all those 32bit applications which are usually running at startup will keep stopped, as Windows is not able to make them work.
As far as I know, you should build a 16bit app, and write to run it in the Autorun.bat file. But it'll be anyway accessible by msconfig.exe. And I don't believe you can build a 16bit app by VB.
Hope it helps
____________________________
Real Programmer can count up to 1024 on his fingers
|
|
11-05-2006 at 09:46 AM |
|
|
yronium
Level: Moderator
Registered: 14-04-2002
Posts: 907
|
Re: start up
quote:
He also disabled the msconfig.exe, regedit.exe so that it can't be removed....
... and also prevented users to run msconfig and regedit for their own, legitimate, other reasons... just like many malware apps do.
quote:
"safe mode have also startup programs to be loaded "
Yes, it's right. And out of a hurry, I remember that you can even write a windowless app, that surely wouldn't need all the display drivers completely running.
Well, to run an app at startup you have to place its path into a key in the registry - but you already know it, isn't it? - or alternately, create a service. I can't help you in this case, as I've never done it, but there are some threads about it here in the forum, just search them.
In order to definitely skip the msconfig or registry editing you should create some kind of 16bit VXD driver, but this time I'm quite sure VB can't do it.
But for sure, you better avoid hiding msconfig or regedit, as is not a polite solution, and there are some other apps the user can install to check auto-running programs. If you'll follow that method, every user will ban you once they discover your trick, and your app will surely be catalogued as malware. Remember that even laws forbid any unauthorized removal of features in other's machines (just google about the last BMG/Sony Rootkit scandal).
Hope it helps
[Edited by yronium on 12-05-2006 at 01:43 PM GMT]
____________________________
Real Programmer can count up to 1024 on his fingers
|
|
12-05-2006 at 12:40 PM |
|
|
VBhat
Level: Sage
Registered: 06-12-2005
Posts: 59
|
Re: start up
Hi vyx,
You can enable and disable regedit by tinkering some registry values but before you do it make a backup of your registry. About tha app you are developing It's a tough job to hide your app since there are lots of software that mimicks msconfig and can do much better. try winpatrol for example.
|
|
19-05-2006 at 03:36 AM |
|
|
sinner
Level: Protégé
Registered: 07-10-2006
Posts: 4
|
Re: start up
you can chance setting in register with folowing code:
Module:
---------
Private Declare Function RegOpenKeyEx Lib "advapi32" Alias "RegOpenKeyExA" ( _
ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, _
ByVal samDesired As Long, ByRef phkResult As Long) As Long
Private Declare Function RegQueryValueEx Lib "advapi32" Alias "RegQueryValueExA" ( _
ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, _
ByRef lpType As Long, ByVal lpData As String, ByRef lpcbData As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32" (ByVal hKey As Long) As Long
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" ( _
ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, _
ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Private Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" ( _
ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Public Const HKEY_CLASSES_ROOT = &H80000000
Public Const HKEY_CURRENT_USER = &H80000001
Public Const HKEY_LOCAL_MACHINE = &H80000002
Public Const REG_SZ = 1
Public Const REG_BINARY = 3
Public Const REG_DWORD = 4
Public Const REG_OPTION_NON_VOLATILE = 0
Public Const SYNCHRONIZE = &H100000
Public Const READ_CONTROL = &H20000
Public Const STANDARD_RIGHTS_READ = (READ_CONTROL)
Public Const KEY_QUERY_VALUE = &H1
Public Const KEY_ENUMERATE_SUB_KEYS = &H8
Public Const KEY_NOTIFY = &H10
Public Const KEY_WRITE = &H20006
Public Const KEY_ALL_ACCESS = &H2003F
Public Function GetKeyValue(KeyRoot As Long, KeyName As String, SubKeyRef As String, _
ByRef KeyVal As String) As Boolean
Dim i As Long
Dim rc As Long
Dim hKey As Long
Dim KeyValType As Long
Dim tmpVal As String
Dim KeyValSize As Long
rc = RegOpenKeyEx(KeyRoot, KeyName, 0, KEY_ALL_ACCESS, hKey)
If (rc <> ERROR_SUCCESS) Then GoTo GetKeyError
tmpVal = String$(1024, 0)
KeyValSize = 1024
rc = RegQueryValueEx(hKey, SubKeyRef, 0, KeyValType, tmpVal, KeyValSize)
If (rc <> ERROR_SUCCESS) Then GoTo GetKeyError
If (Asc(Mid(tmpVal, KeyValSize, 1)) = 0) Then
tmpVal = Left(tmpVal, KeyValSize - 1)
Else
tmpVal = Left(tmpVal, KeyValSize)
End If
Select Case KeyValType
Case REG_DWORD
For i = Len(tmpVal) To 1 Step -1
KeyVal = KeyVal + Format(Hex(Asc(Mid(tmpVal, i, 1))), "00")
Next
KeyVal = Format$("&h" + KeyVal)
Case REG_SZ
KeyVal = tmpVal
End Select
GetKeyValue = True
rc = RegCloseKey(hKey)
Exit Function
GetKeyError:
GetKeyValue = False
rc = RegCloseKey(hKey)
End Function
' Variable declarations
Public lngTASKBARHWND As Long ' Taskbar Handler
Public intISTASKBARENABLED As Integer ' Determines Windows taskbar is enable or disable
' This procedure enables key
Public Sub KeysOn()
Dim lngA As Long, lngDISABLED As Long
lngDISABLED = False
lngA = SystemParametersInfo(97, lngDISABLED, CStr(1), 0)
End Sub
' This procedure disables key
Public Sub KeysOff()
Dim lngA As Long, lngDISABLED As Long
lngDISABLED = True
lngA = SystemParametersInfo(97, lngDISABLED, CStr(1), 0)
End Sub
Public Function SetKeyValue(KeyRoot As Long, KeyName As String, lType As Long, SubKeyRef As String, KeyVal As Variant) As Boolean
Dim rc As Long
Dim hKey As Long
rc = RegOpenKeyEx(KeyRoot, KeyName, 0, KEY_ALL_ACCESS, hKey)
If (rc <> ERROR_SUCCESS) Then
Call RegCreateKey(KeyRoot, KeyName, hKey)
End If
Select Case lType
Case REG_SZ
rc = RegSetValueEx(hKey, SubKeyRef, 0&, REG_SZ, ByVal CStr(KeyVal & Chr$(0)), Len(KeyVal))
Case REG_BINARY
rc = RegSetValueEx(hKey, SubKeyRef, 0&, REG_BINARY, ByVal CStr(KeyVal & Chr$(0)), Len(KeyVal))
Case REG_DWORD
rc = RegSetValueEx(hKey, SubKeyRef, 0&, REG_DWORD, CLng(KeyVal), 4)
End Select
If (rc <> ERROR_SUCCESS) Then GoTo SetKeyError
SetKeyValue = True
rc = RegCloseKey(hKey)
Exit Function
SetKeyError:
KeyVal = ""
SetKeyValue = False
rc = RegCloseKey(hKey)
End Function |
enter two command buttons on your form and add the following code:
Form:
-------
Private Sub Command1_Click()
'To Disable Registery
If (OS = 1) Then
KeysOff
Else
SetKeyValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Policies\System", REG_DWORD, "DisableRegistryTools", "1"
End If
End Sub
Private Sub Command2_Click()
'To Enable Registery
If (OS = 1) Then
KeysOn
Else
SetKeyValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Policies\System", REG_DWORD, "DisableRegistryTools", "0"
End If
End Sub |
Hope it helps you out
|
|
07-10-2006 at 09:52 PM |
|
|
|
|
 |
|
