System Wide Registry Hook

  • Thread starter Thread starter Jesse
  • Start date Start date
J

Jesse

Hi All,

I want to be able to make an engine in VB.Net which creates a bridge
between applications and the system registry, so before it's processed
by the O/S, I want to be able to have the request analysed
(read/write/enumerate etc.) and reject the request if it doesn't meet
certain parameters.

I was trying to do this in VB 6 and had a C++ Dll engine loaded in to
Memory to only "buffer" the requests but it's not efficient enough. I
have heard there are better functions etc. to do this better in .Net
but I need some guidence.

Please help. Any advice will be HUGELY appreciated :o).

Jesse.
 
* (e-mail address removed) (Jesse) scripsit:
I want to be able to make an engine in VB.Net which creates a bridge
between applications and the system registry, so before it's processed
by the O/S, I want to be able to have the request analysed
(read/write/enumerate etc.) and reject the request if it doesn't meet
certain parameters.

I was trying to do this in VB 6 and had a C++ Dll engine loaded in to
Memory to only "buffer" the requests but it's not efficient enough. I
have heard there are better functions etc. to do this better in .Net
but I need some guidence.
Click to expand...

I doubt that this can be done "better" in .NET.
 
Hi Herfried,
I doubt that this can be done "better" in .NET.
Click to expand...

I do not know how it is in the German language, but in my language people
say sometimes.

You can better do it in X. (Je kan het beter doen in X)

And the meaning of it is than, it is less work.

Cor
 
Cor,

* "Cor said:
I do not know how it is in the German language, but in my language people
say sometimes.

You can better do it in X. (Je kan het beter doen in X)
Click to expand...

"Du kannst das besser tun in X"

;-)

I thought that the main problem was the performance issue and the OP
wanted to find a faster solution in .NET.
And the meaning of it is than, it is less work.
Click to expand...

:-)
 
Hey Cor,
Using the registry is very easy in VB.net I would not start with thinking
about a Hook, read this first

http://msdn.microsoft.com/library/d.../frlrfMicrosoftWin32RegistryKeyClassTopic.asp

I hope this helps?
Click to expand...

Unfortunately this page wasn't really what I was after. Although it
will help with later stages of writing an engine to modify the
registry yourself from within the program.

I think the hook is one of the most important fundamentals of writing
this so I know how it's going to work and then be able to build around
it. I have heard of a function from .Net which produces an event when
an application makes an adjustment to the registry. This would be
REALLY ideal. The information I'd like to retrieve is the filename of
the program, what key it's accessing, and what it's doing (adding,
deleting, modifying etc.).

For the sake of everyone else, I'll keep you updated with what I find
because I can see a lot of uses in this kind of data retrieval.

Jesse.
 
Hey Cor, Thanks for sticking with me on this subject! :o)
I do not believe it is a service that does the registry, I think it is the
deep in Win32 and that should for you throw an event everytime there was a
change, something as the filesystemwatcher a registrysystemwatcher.
Click to expand...

Yeah, I think your right aye - So I've explored different avenues.
When I initially started this project, I came across code which
basically repeats a function that tells you when there's a change but
because it's just repeating and repeating, slowed down the system
HEAPS aye... was a nightmare.
I think that you can look here if there is something what will help you in
that direction.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/registry_functions.asp
Click to expand...

Yeah, these functions won't help, unless I can somehow run the same
functions, then hook the task that does the job? I don't know. I'm
quite certain now that the link below will be the closest, if not only
way I'm going to be able to pull this task off. I'm bummed I can't
seem to find a way I can't halt a program altogether when my program
needs to analyse the registry change going through, but yeah, I think
I'm going to have to work around it.

http://msdn.microsoft.com/library/d...egistering_for_the_proper_registry_events.asp

What do you think dude?

Jesse.
 
Back
Top