查看注册表键值修改时间

admin 2022年5月17日04:06:16评论314 views字数 2528阅读8分25秒阅读模式
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#include <stdio.h>
#include <string.h>
#include <Windows.h>
#include <iostream>
#include <tchar.h>

#define MAX_KEY_LENGTH 255
#define MAX_VALUE_NAME 16383

void __cdecl TestMain(void);

int wmain(int argc, TCHAR * argv[])
{
TestMain();

}

void QueryKey(HKEY hKey)
{
char achKey[MAX_KEY_LENGTH]; // buffer for subkey name
DWORD cbName; // size of name string
TCHAR achClass[MAX_PATH] = TEXT(""); // buffer for class name
DWORD cchClassName = MAX_PATH; // size of class string
DWORD cSubKeys=0; // number of subkeys
DWORD cbMaxSubKey; // longest subkey size
DWORD cchMaxClass; // longest class string
DWORD cValues; // number of values for key
DWORD cchMaxValue; // longest value name
DWORD cbMaxValueData; // longest value data
DWORD cbSecurityDescriptor; // size of security descriptor
FILETIME ftLastWriteTime; // last write time

DWORD i, retCode;

TCHAR achValue[MAX_VALUE_NAME];
DWORD cchValue = MAX_VALUE_NAME;

// Get the class name and the value count.
retCode = RegQueryInfoKey(
hKey, // key handle
achClass, // buffer for class name
&cchClassName, // size of class string
NULL, // reserved
&cSubKeys, // number of subkeys
&cbMaxSubKey, // longest subkey size
&cchMaxClass, // longest class string
&cValues, // number of values for this key
&cchMaxValue, // longest value name
&cbMaxValueData, // longest value data
&cbSecurityDescriptor, // security descriptor
&ftLastWriteTime); // last write time

// Enumerate the subkeys, until RegEnumKeyEx fails.

if (cSubKeys)
{
printf( "\nNumber of subkeys: %d\n", cSubKeys);

for (i=0; i<cSubKeys; i++)
{
cbName = MAX_KEY_LENGTH;

retCode = RegEnumKeyExA(hKey, i,
achKey,
&cbName,
NULL,
NULL,
NULL,
&ftLastWriteTime);
if (retCode == ERROR_SUCCESS)
{
char szLocalTime[255];
char szLocalDate[255];
SYSTEMTIME sSTYM;
FileTimeToSystemTime(&ftLastWriteTime, &sSTYM);
GetTimeFormatA( LOCALE_USER_DEFAULT, 0, &sSTYM, NULL, szLocalTime, 255 );
GetDateFormatA( LOCALE_USER_DEFAULT, DATE_LONGDATE, &sSTYM, NULL,
szLocalDate, 255 );
printf("%s [%s %s]\n",achKey,szLocalDate,szLocalTime);
}
}
}


if (cValues)
{
printf( "\nNumber of values: %d\n", cValues);

for (i=0, retCode=ERROR_SUCCESS; i<cValues; i++)
{
cchValue = MAX_VALUE_NAME;
achValue[0] = '\0';
retCode = RegEnumValue(hKey, i,
achValue,
&cchValue,
NULL,
NULL,
NULL,
NULL);

if (retCode == ERROR_SUCCESS )
{
_tprintf(TEXT("(%d) %s\n"), i+1, achValue);
}
}
}
}

void __cdecl TestMain(void)
{
HKEY hTestKey;

if( RegOpenKeyEx( HKEY_LOCAL_MACHINE,
TEXT("SYSTEM\\CurrentControlSet\\services"),
0,
KEY_READ,
&hTestKey) == ERROR_SUCCESS
)
{
QueryKey(hTestKey);
}

RegCloseKey(hTestKey);
}

FROM :WOLVEZ'S BLOG| Author:wolve

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年5月17日04:06:16
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   查看注册表键值修改时间https://cn-sec.com/archives/1012464.html

发表评论

匿名网友 填写信息