EnumUsersReg: Difference between revisions
From NSIS Wiki
Jump to navigationJump to search
m (Corrected link to LogicLib header file.) |
(→EnumUsersReg.nsh: Added ___EnumUsersReg___ Definition Test) |
||
| Line 29: | Line 29: | ||
<highlight-nsis>!include "LogicLib.nsh" | <highlight-nsis>!include "LogicLib.nsh" | ||
!ifndef ___EnumUsersReg___ | |||
!define ___EnumUsersReg___ | |||
!define TOKEN_QUERY 0x0008 | !define TOKEN_QUERY 0x0008 | ||
| Line 172: | Line 174: | ||
Pop $R0 | Pop $R0 | ||
FunctionEnd</highlight-nsis> | FunctionEnd | ||
!endif</highlight-nsis> | |||
[[Category:User Accounts Related Functions]] | [[Category:User Accounts Related Functions]] | ||
Revision as of 18:08, 3 November 2009
| Author: kichik (talk, contrib) |
Requires: LogicLib header file.
This script will enumerate all local users and load their registry hives (HKCU) one by one. You can use it to delete settings of logged off users.
Usage Example
!include "EnumUsersReg.nsh" Name EnumUsersReg OutFile EnumUsersReg.exe ShowInstDetails show Section ${EnumUsersReg} CallbackFunction temp.key SectionEnd Function CallbackFunction Pop $0 ReadRegStr $0 HKU "$0\Software\Microsoft\Internet Explorer" "Download Directory" DetailPrint $0 FunctionEnd
EnumUsersReg.nsh
!include "LogicLib.nsh" !ifndef ___EnumUsersReg___ !define ___EnumUsersReg___ !define TOKEN_QUERY 0x0008 !define TOKEN_ADJUST_PRIVILEGES 0x0020 !define SE_RESTORE_NAME SeRestorePrivilege !define SE_PRIVILEGE_ENABLED 0x00000002 !define HKEY_USERS 0x80000003 !macro _EnumUsersReg_AdjustTokens StrCpy $R1 0 System::Call "kernel32::GetCurrentProcess() i .R0" System::Call "advapi32::OpenProcessToken(i R0, i ${TOKEN_QUERY}|${TOKEN_ADJUST_PRIVILEGES}, \ *i R1R1) i .R0" ${If} $R0 != 0 System::Call "advapi32::LookupPrivilegeValue(t n, t '${SE_RESTORE_NAME}', *l .R2) i .R0" ${If} $R0 != 0 System::Call "*(i 1, l R2, i ${SE_PRIVILEGE_ENABLED}) i .R0" System::Call "advapi32::AdjustTokenPrivileges(i R1, i 0, i R0, i 0, i 0, i 0)" System::Free $R0 ${EndIf} System::Call "kernel32::CloseHandle(i R1)" ${EndIf} !macroend !macro _EnumUsersReg_InvokeCallback CALLBACK SUBKEY Push $0 Push $1 Push $R0 Push $R1 Push $R2 Push "${SUBKEY}" Call "${CALLBACK}" Pop $R2 Pop $R1 Pop $R0 Pop $1 Pop $0 !macroend !macro _EnumUsersReg_Load FILE CALLBACK SUBKEY GetFullPathName /SHORT $R2 ${FILE} System::Call "advapi32::RegLoadKey(i ${HKEY_USERS}, t '${SUBKEY}', t R2) i .R2" ${If} $R2 == 0 !insertmacro _EnumUsersReg_InvokeCallback "${CALLBACK}" "${SUBKEY}" System::Call "advapi32::RegUnLoadKey(i ${HKEY_USERS}, t '${SUBKEY}')" ${EndIf} !macroend !macro EnumUsersReg CALLBACK SUBKEY Push $0 Push $1 GetFunctionAddress $0 "${CALLBACK}" StrCpy $1 "${SUBKEY}" Call _EnumUsersReg Pop $1 Pop $0 !macroend !define EnumUsersReg "!insertmacro EnumUsersReg" Function _EnumUsersReg Push $R0 Push $R1 Push $R2 # enumerate logged on users StrCpy $R0 0 ${Do} EnumRegKey $R1 HKU "" $R0 ${If} $R1 != "" !insertmacro _EnumUsersReg_InvokeCallback $0 $R1 IntOp $R0 $R0 + 1 ${EndIf} ${LoopUntil} $R1 == "" # enumerate logged off users System::Call "kernel32::GetVersion() i .R0" IntOp $R0 $R0 & 0x80000000 ${If} $R0 == 0 # nt !insertmacro _EnumUsersReg_AdjustTokens StrCpy $R0 0 ${Do} EnumRegKey $R1 HKLM "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" $R0 ${If} $R1 != "" ReadRegStr $R1 HKLM "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$R1" \ ProfileImagePath ExpandEnvStrings $R1 $R1 !insertmacro _EnumUsersReg_Load "$R1\NTUSER.DAT" $0 $1 IntOp $R0 $R0 + 1 ${EndIf} ${LoopUntil} $R1 == "" ${Else} # 9x ClearErrors FindFirst $R1 $R2 "$WINDIR\Profiles\*.*" ${Unless} ${Errors} ${Do} ${If} $R2 != "." ${AndIf} $R2 != ".." ${If} ${FileExists} "$WINDIR\Profiles\$R2\USER.DAT" !insertmacro _EnumUsersReg_Load "$WINDIR\Profiles\$R2\USER.DAT" $0 $1 ${EndIf} ${EndIf} ClearErrors FindNext $R1 $R2 ${LoopUntil} ${Errors} FindClose $R1 ${EndUnless} ${Endif} Pop $R2 Pop $R1 Pop $R0 FunctionEnd !endif
