Analyze Registry Guard 1.0, Teniamo sotto controllo i programmi in esecuzione automatica ;)

« Older Newer »

Hpmezzo

Posted on 2/11/2012, 09:53 +4

A volte bisogna alcuni software fastidiosi , o potenzialmente indesiderati, si inserisco tra le chiavi di registro di avvio automatico. Esistono molti software che consentono la rimozione di questi, ma pochi che in tempo reale reagiscono e chiedono all'utente cosa fare! Uno di questi pochi è proprio Analyze Registry Guard che consente di monitorare l'avvio del registro e chiedere se eliminare quella chiave o aggiungerla come Zona Fidata. [TRUSTED ZONE]
All'inizio vi verrà chiesto di definire le chiave Fidate, cosi da non rompervi successivamente

Al mio prossimo programma
argvr

P.S
Trovate questo programma anche in SAV (Sputnik Antivirus) also (Analyze AntiVirus)

EXE:
http://analyzelab.altervista.org/ARG/Analy...istry_Guard.exe
SOUND:
http://analyzelab.altervista.org/ARG/Sound.wav
INI:
http://analyzelab.altervista.org/ARG/Trusted.ini
SORGENTE:
http://analyzelab.altervista.org/ARG/Analy...istry_Guard.au3
(LO TROVATE ANCHE NELLO SPOILER)
Sorgente:

SPOILER (clicca per visualizzare)

#RequireAdmin
;Mounting Initial Point
TraySetState(1) ; Hide the tray icon
TrayTip("Analyze Registry Guard", "Analyze Registry Guard sta monitorando il sistema!", 5, 1)
;Dichiarazione Classes

;Installazione Silent
FileInstall ("Sound.wav" , @WindowsDir&"\Sound.wav")

#include <process.au3>
#include <buttonconstants.au3>
#include <editconstants.au3>
#include <guiconstantsex.au3>
#include <staticconstants.au3>
#include <windowsconstants.au3>
#include <file.au3>
#include <sound.au3>
$Classes1="HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\"
$Classes2="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\"
$Classes3="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"
$Classes4="HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"
$Classes5="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\"
$Classes6="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce\"
$Classes7="HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\"
$Classes8="HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\"
$Classes9="HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\"
$Classes10="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\"
$Classes11=@StartupDir
$Classes12=@StartupCommonDir

While 1
FileDelete ("RegistryWathPrima.log")
For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes1 , $I)
$Classes=$Classes1
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes1&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes1&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes2 , $I)
$Classes=$Classes2
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes2&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes2&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes3 , $I)
$Classes=$Classes3
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes3&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes3&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes4 , $I)
$Classes=$Classes4
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes4&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes4&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes5 , $I)
$Classes=$Classes5
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes5&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes5&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes6 , $I)
$Classes=$Classes6
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes6&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes6&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes7 , $I)
$Classes=$Classes7
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes7&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes7&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes8 , $I)
$Classes=$Classes8
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes8&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes8&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes9 , $I)
$Classes=$Classes9
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes9&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes9&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

For $I=1 to 100
$ResultMSG=0
$Key=RegEnumVal ($Classes10 , $I)
$Classes=$Classes10
If @error <> 0 then ExitLoop
FileWriteLine ("RegistryWathPrima.log" , $Classes10&$Key)
$Result=IniRead ("Trusted.ini" , "TRUST" , $Classes10&$Key , "NOP")
if $Result="NOP" then Call ("Allert")
Next

$search = FileFindFirstFile(@StartupDir&"\*.*")
While 1
$Key = FileFindNextFile($search)
$Classes=@StartupDir
If @error Then ExitLoop
$FileST=IniRead ("Trusted.ini" , "TRUST" , $Classes&"\"&$Key , "NO")
if $FileST="NO" then call ("Allert2")
WEnd
FileClose($search)

$search = FileFindFirstFile(@StartupCommonDir&"\*.*")
While 1
$Key = FileFindNextFile($search)
$Classes=@StartupCommonDir
If @error Then ExitLoop
$FileST=IniRead ("Trusted.ini" , "TRUST" , $Classes&"\"&$Key , "NO")
if $FileST="NO" then call ("Allert2")
WEnd
FileClose($search)

Sleep (2000)

WEnd

Func Allert ()

#Region ### START Koda GUI section ### Form=c:\documents and settings\emanuele\desktop\koda\forms\allert.kxf
$Form1_1 = GUICreate("Analyze Registry Guard 1.0 by Gaetano Mezzofante Emanuele", 623, 164, 192, 124)
$Group1 = GUICtrlCreateGroup("Informazioni sulla nuova voce aggiunta ", 8, 8, 609, 73)
$Label1 = GUICtrlCreateLabel("Posizione: "&$Classes, 16, 24, 600, 17)
$Label2 = GUICtrlCreateLabel("Nome chiave: "&$Key, 16, 40, 600, 17)
GUICtrlCreateGroup("", -99, -99, 1, 1)
$Button1 = GUICtrlCreateButton("Consenti modifica e aggiungi in zona attendibile", 8, 88, 603, 25)
$Button2 = GUICtrlCreateButton("Elimina la chiave di registro", 8, 120, 603, 25)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $Button1
IniWrite ("Trusted.ini" , "TRUST" , $Classes&$Key , "Trust")
ExitLoop
Case $Button2
RegDelete ($Classes , $Key)
ExitLoop

EndSwitch
WEnd
GUIDelete ($Form1_1)
EndFunc

Func Allert2 ()

#Region ### START Koda GUI section ### Form=c:\documents and settings\emanuele\desktop\koda\forms\allert.kxf
$Form1_1 = GUICreate("Analyze Registry Guard 1.0 by Gaetano Mezzofante Emanuele", 623, 164, 192, 124)
$Group1 = GUICtrlCreateGroup("Informazioni sulla nuova voce aggiunta ", 8, 8, 609, 73)
$Label1 = GUICtrlCreateLabel("Posizione: "&$Classes, 16, 24, 600, 17)
$Label2 = GUICtrlCreateLabel("Nome File: "&$Key, 16, 40, 600, 17)
GUICtrlCreateGroup("", -99, -99, 1, 1)
$Button1 = GUICtrlCreateButton("Consenti modifica e aggiungi in zona attendibile", 8, 88, 603, 25)
$Button2 = GUICtrlCreateButton("Elimina il file", 8, 120, 603, 25)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
SoundPlay ("Sound.wav")
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $Button1
IniWrite ("Trusted.ini" , "TRUST" , $Classes&"\"&$Key , "Trust")
ExitLoop
Case $Button2
FileDelete ($Classes&"\"&$Key)
ExitLoop

EndSwitch
WEnd
GUIDelete ($Form1_1)
EndFunc

Edited by Hpmezzo - 2/11/2012, 10:06