logmein Posted August 17, 2012 Share Posted August 17, 2012 Hi there,I am going to build a program to manage my startup programs. It work well on WinXP but when I upgrade my OS to Win 7, everything goes hell!This is my sample code :expandcollapse popup#include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <Constants.au3> #include <ListViewConstants.au3> #include <GuiListView.au3> #include <String.au3> Global $startup_key_1 = 'HKCU64\Software\Microsoft\Windows\CurrentVersion\Run';x64 os Global $startup_key_2 = 'HKLM64\Software\Microsoft\Windows\CurrentVersion\Run';x64 os Global $startup_key_3 = 'HKCU\Software\Microsoft\Windows\CurrentVersion\Run' Global $startup_key_4 = 'HKLM\Software\Microsoft\Windows\CurrentVersion\Run' #Region ### START Koda GUI section ### Form=D:\Total USB Security 4\startup_form.kxf $formStartup = GUICreate("Startup Manager", 618, 326, 192, 125, BitOR($WS_CAPTION,$WS_POPUP,$WS_BORDER,$WS_CLIPSIBLINGS), BitOR($WS_EX_TOOLWINDOW,$WS_EX_WINDOWEDGE)) GUISetFont(10, 400, 0, "Arial") $listStartup = GUICtrlCreateListView("Program|Key|File", 8, 8, 602, 286) $hdlListStartup = GUICtrlGetHandle (-1) GUICtrlSendMsg(-1, $LVM_SETCOLUMNWIDTH, 0, 150) GUICtrlSendMsg(-1, $LVM_SETCOLUMNWIDTH, 1, 70) GUICtrlSendMsg(-1, $LVM_SETCOLUMNWIDTH, 2, 375) $btnRemoveStartup = GUICtrlCreateButton("&Remove", 424, 296, 91, 25, $WS_GROUP) $btnCloseStartupForm = GUICtrlCreateButton("&Close", 520, 296, 91, 25, $WS_GROUP) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### _GetStartupItem () while 1 $nMsg = GUIGetMsg () Switch $nMsg Case $btnCloseStartupForm Exit Case $btnRemoveStartup _RemoveStartupItem () EndSwitch WEnd Func _RemoveStartupItem() $select = _GUICtrlListView_GetSelectedIndices($hdlListStartup, True);get first item index If $select[0] <> 0 Then $key = _GUICtrlListView_GetItem($hdlListStartup, $select[1], 1) $program = _GUICtrlListView_GetItem($hdlListStartup, $select[1], 0);program[3] means program name RegDelete($key[3] & '\Software\Microsoft\Windows\CurrentVersion\Run', $program[3]) ;ConsoleWrite ($key[3] & '\Software\Microsoft\Windows\CurrentVersion\Run' & '[' & $program[3] & ']' & @CRLF) If Not @error Then _GUICtrlListView_DeleteItem($hdlListStartup, $select[1]) Else MsgBox(32, 'Startup Manager', 'Can''t remove the registry key. Please try again!', '', $formStartup) Return EndIf EndIf EndFunc Func _GetStartupItem() For $i = 1 To 100 $enum_key = RegEnumVal($startup_key_1, $i) If @error then ExitLoop $strRegRead = RegRead($startup_key_1, $enum_key) $strRegReplace = _StringBetween ($strRegRead,'"','"') If Not @error Then $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKCU64', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegReplace[0] , 2) Else $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKCU64', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegRead , 2) EndIf Next For $i = 1 To 100 $enum_key = RegEnumVal($startup_key_2, $i) If @error then ExitLoop $strRegRead = RegRead($startup_key_2, $enum_key) $strRegReplace = _StringBetween ($strRegRead,'"','"') If Not @error Then $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKLM64', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegReplace[0], 2) Else $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKLM64', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegRead , 2) EndIf Next For $i = 1 To 100 $enum_key = RegEnumVal($startup_key_3, $i) If @error then ExitLoop $strRegRead = RegRead($startup_key_3, $enum_key) $strRegReplace = _StringBetween ($strRegRead,'"','"') If Not @error Then $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKLM', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegReplace[0], 2) Else $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKLM', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegRead , 2) EndIf Next For $i = 1 To 100 $enum_key = RegEnumVal($startup_key_4, $i) If @error then ExitLoop $strRegRead = RegRead($startup_key_4, $enum_key) $strRegReplace = _StringBetween ($strRegRead,'"','"') If Not @error Then $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKLM', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegReplace[0], 2) Else $add = _GUICtrlListView_AddItem($hdlListStartup, $enum_key) _GUICtrlListView_AddSubItem($hdlListStartup, $add, 'HKLM', 1) _GUICtrlListView_AddSubItem($hdlListStartup, $add, $strRegRead , 2) EndIf Next Return EndFunc ;==>_GetStartupItem #endregion---------------------------------------------------------My program can still detect x86 startup programs but when I try to remove x86 programs, there was error. Then I use CCleaner to check up, I choose a x86 program (iTunesHelper), then right-click and choose "Open in Regedit..." and I get the address of registry key : Computer\HLMC\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Remember that!Afterthat, I choose a x64 program in CCleaner(Persistence), continue to view it in Regedit and I got this :Still Computer\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run??!Plz help me! [font=arial, helvetica, sans-serif][s]Total USB Security 3.0 Beta[/s] | [s]Malware Kill[/s] | Malware Scanner | Screen Hider | Locker | Matrix Generator[s]AUTO-SYNC 1.0 | MD5 Hash Generator | URL Checker | Tube Take [/s]| Random Text[/font] Link to comment Share on other sites More sharing options...
logmein Posted August 17, 2012 Author Share Posted August 17, 2012 I need you help! As soon as possible, thanks! [font=arial, helvetica, sans-serif][s]Total USB Security 3.0 Beta[/s] | [s]Malware Kill[/s] | Malware Scanner | Screen Hider | Locker | Matrix Generator[s]AUTO-SYNC 1.0 | MD5 Hash Generator | URL Checker | Tube Take [/s]| Random Text[/font] Link to comment Share on other sites More sharing options...
guinness Posted August 17, 2012 Share Posted August 17, 2012 Congratulations on trying not to get help. Don't bump less than 24hours and use that time to find the answer yourself. UDF List:  _AdapterConnections() • _AlwaysRun() • _AppMon() • _AppMonEx() • _ArrayFilter/_ArrayReduce • _BinaryBin() • _CheckMsgBox() • _CmdLineRaw() • _ContextMenu() • _ConvertLHWebColor()/_ConvertSHWebColor() • _DesktopDimensions() • _DisplayPassword() • _DotNet_Load()/_DotNet_Unload() • _Fibonacci() • _FileCompare() • _FileCompareContents() • _FileNameByHandle() • _FilePrefix/SRE() • _FindInFile() • _GetBackgroundColor()/_SetBackgroundColor() • _GetConrolID() • _GetCtrlClass() • _GetDirectoryFormat() • _GetDriveMediaType() • _GetFilename()/_GetFilenameExt() • _GetHardwareID() • _GetIP() • _GetIP_Country() • _GetOSLanguage() • _GetSavedSource() • _GetStringSize() • _GetSystemPaths() • _GetURLImage() • _GIFImage() • _GoogleWeather() • _GUICtrlCreateGroup() • _GUICtrlListBox_CreateArray() • _GUICtrlListView_CreateArray() • _GUICtrlListView_SaveCSV() • _GUICtrlListView_SaveHTML() • _GUICtrlListView_SaveTxt() • _GUICtrlListView_SaveXML() • _GUICtrlMenu_Recent() • _GUICtrlMenu_SetItemImage() • _GUICtrlTreeView_CreateArray() • _GUIDisable() • _GUIImageList_SetIconFromHandle() • _GUIRegisterMsg() • _GUISetIcon() • _Icon_Clear()/_Icon_Set() • _IdleTime() • _InetGet() • _InetGetGUI() • _InetGetProgress() • _IPDetails() • _IsFileOlder() • _IsGUID() • _IsHex() • _IsPalindrome() • _IsRegKey() • _IsStringRegExp() • _IsSystemDrive() • _IsUPX() • _IsValidType() • _IsWebColor() • _Language() • _Log() • _MicrosoftInternetConnectivity() • _MSDNDataType() • _PathFull/GetRelative/Split() • _PathSplitEx() • _PrintFromArray() • _ProgressSetMarquee() • _ReDim() • _RockPaperScissors()/_RockPaperScissorsLizardSpock() • _ScrollingCredits • _SelfDelete() • _SelfRename() • _SelfUpdate() • _SendTo() • _ShellAll() • _ShellFile() • _ShellFolder() • _SingletonHWID() • _SingletonPID() • _Startup() • _StringCompact() • _StringIsValid() • _StringRegExpMetaCharacters() • _StringReplaceWholeWord() • _StringStripChars() • _Temperature() • _TrialPeriod() • _UKToUSDate()/_USToUKDate() • _WinAPI_Create_CTL_CODE() • _WinAPI_CreateGUID() • _WMIDateStringToDate()/_DateToWMIDateString() • Au3 script parsing • AutoIt Search • AutoIt3 Portable • AutoIt3WrapperToPragma • AutoItWinGetTitle()/AutoItWinSetTitle() • Coding • DirToHTML5 • FileInstallr • FileReadLastChars() • GeoIP database • GUI - Only Close Button • GUI Examples • GUICtrlDeleteImage() • GUICtrlGetBkColor() • GUICtrlGetStyle() • GUIEvents • GUIGetBkColor() • Int_Parse() & Int_TryParse() • IsISBN() • LockFile() • Mapping CtrlIDs • OOP in AutoIt • ParseHeadersToSciTE() • PasswordValid • PasteBin • Posts Per Day • PreExpand • Protect Globals • Queue() • Resource Update • ResourcesEx • SciTE Jump • Settings INI • SHELLHOOK • Shunting-Yard • Signature Creator • Stack() • Stopwatch() • StringAddLF()/StringStripLF() • StringEOLToCRLF() • VSCROLL • WM_COPYDATA • More Examples... Updated: 22/04/2018 Link to comment Share on other sites More sharing options...
logmein Posted August 17, 2012 Author Share Posted August 17, 2012 Oh, sorry... [font=arial, helvetica, sans-serif][s]Total USB Security 3.0 Beta[/s] | [s]Malware Kill[/s] | Malware Scanner | Screen Hider | Locker | Matrix Generator[s]AUTO-SYNC 1.0 | MD5 Hash Generator | URL Checker | Tube Take [/s]| Random Text[/font] Link to comment Share on other sites More sharing options...
AdmiralAlkex Posted August 17, 2012 Share Posted August 17, 2012 Look in Task Manager, you are most likely running the x86 RegEdit on your first screenshot. .Some of my scripts: ShiftER, Codec-Control, Resolution switcher for HTC ShiftSome of my UDFs: SDL UDF, SetDefaultDllDirectories, Converting GDI+ Bitmap/Image to SDL Surface Link to comment Share on other sites More sharing options...
logmein Posted August 17, 2012 Author Share Posted August 17, 2012 But they are alike. I don't understand. But how to delete or write a registry key in x86 Regedit? [font=arial, helvetica, sans-serif][s]Total USB Security 3.0 Beta[/s] | [s]Malware Kill[/s] | Malware Scanner | Screen Hider | Locker | Matrix Generator[s]AUTO-SYNC 1.0 | MD5 Hash Generator | URL Checker | Tube Take [/s]| Random Text[/font] Link to comment Share on other sites More sharing options...
Danyfirex Posted August 17, 2012 Share Posted August 17, 2012 (edited) hi you are using bad keys. if you use 'HKCU64' and 'HKCU' on your program will be appear your key two times. so you would be trying to delete a key who doesn't exist. else in 86x you repeat two time your key HKLM64 and HKLM. but in 86x does'nt exist 64x keys. You should Use this. I think this is the best way. Select Case @OSArch="X64" ;case OS x64 read this key "HKLM64SoftwareMicrosoftWindowsCurrentVersionRun" "HKLMSoftwareMicrosoftWindowsCurrentVersionRun" "HKCUSoftwareMicrosoftWindowsCurrentVersionRun" Case @OSArch="X86" ;case OS x86 read this key "HKLMSoftwareMicrosoftWindowsCurrentVersionRun" "HKCUSoftwareMicrosoftWindowsCurrentVersionRun" EndSelect EndFunc Edited August 17, 2012 by Danyfirex  Danysys.com     AutoIt...  UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection  PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut   Link to comment Share on other sites More sharing options...
logmein Posted August 17, 2012 Author Share Posted August 17, 2012 Still don't work:(( [font=arial, helvetica, sans-serif][s]Total USB Security 3.0 Beta[/s] | [s]Malware Kill[/s] | Malware Scanner | Screen Hider | Locker | Matrix Generator[s]AUTO-SYNC 1.0 | MD5 Hash Generator | URL Checker | Tube Take [/s]| Random Text[/font] Link to comment Share on other sites More sharing options...
logmein Posted August 17, 2012 Author Share Posted August 17, 2012 Oh, I solved the problem, firstly, I changed the keys like yours and then add #RequireAdmin at the top of the script:) Thanks Danyfirex:) [font=arial, helvetica, sans-serif][s]Total USB Security 3.0 Beta[/s] | [s]Malware Kill[/s] | Malware Scanner | Screen Hider | Locker | Matrix Generator[s]AUTO-SYNC 1.0 | MD5 Hash Generator | URL Checker | Tube Take [/s]| Random Text[/font] Link to comment Share on other sites More sharing options...
Danyfirex Posted August 17, 2012 Share Posted August 17, 2012 Oh, I solved the problem, firstly, I changed the keys like yours and then add #RequireAdmin at the top of the script:)Thanks Danyfirex:)Glad to help you.regards  Danysys.com     AutoIt...  UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection  PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut   Link to comment Share on other sites More sharing options...
AdmiralAlkex Posted August 18, 2012 Share Posted August 18, 2012 But they are alike. I don't understand. But how to delete or write a registry key in x86 Regedit?That's because WOW redirect x86 apps to another place.You should read up on the Registry Redirector. There are lots of other interesting things to know about x64 Windows if you follow the links around in that Programming Guide.Redirected keys are mapped to physical locations under Wow6432Node. For example, HKEY_LOCAL_MACHINESoftware is redirected to HKEY_LOCAL_MACHINESoftwareWow6432Node. .Some of my scripts: ShiftER, Codec-Control, Resolution switcher for HTC ShiftSome of my UDFs: SDL UDF, SetDefaultDllDirectories, Converting GDI+ Bitmap/Image to SDL Surface Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now