<p><span style="color: #000000">脚本源码:<br />AutoItWinSetTitle("RegLocker")<br />$time = IniRead ( "config.ini", "config", "time", "3000" )<br />$log = IniRead ( "config.ini", "config", "log", "1" )<br />$fulldate = @MON & "月" & @MDAY & "日" & @HOUR & "点" & @MIN & "分"</span></p><p><span style="color: #000000">;写入log开始监控<br />If $log = 1 Then<br />$logwrite = FileOpen ( "log.log",1)<br />FileWriteLine($logwrite, $fulldate & ":RegLocker开始监控.")<br />FileClose($logwrite)<br />EndIf</span></p><p><span style="color: #000000">While 1<br /> Sleep($time);时间间隔<br /> $jmming = IniReadSectionNames ( "valuename.ini" );读取键名<br /> for $m = 1 to UBound($jmming) - 1<br /> $lzxing = StringSplit ($jmming[$m], "|");分离键名与锁定类型<br /> If $lzxing[0] =1 Then<br /> $jmvi = IniReadSection ( "valuename.ini", $jmming[$m]);读取键值(值项)与数据与数据类型<br /> For $n = 1 to UBound($jmvi) - 1<br /> $yruuju = StringSplit ($jmvi[$n][1], "|");分离数据与数据类型<br /> $uuju = RegRead ($jmming[$m],$jmvi[$n][0]);读注册表的相关数据<br /> If $uuju = $yruuju[1] Then<br /> ContinueLoop<br /> Else<br /> If $log = 1 Then<br /> $logwrite = FileOpen ( "log.log",1)<br /> FileWriteLine($logwrite, $fulldate & ":" & $jmming[$m] & "键下的" & $jmvi[$n][0] & "值项被修改为" & $uuju &",已阻止该动作")<br /> FileClose($logwrite)<br /> EndIf<br /> RegWrite ($jmming[$m],$jmvi[$n][0],$yruuju[2] ,$yruuju[1]);如果与注册表不符则修改注册表<br /> EndIf<br /> Next<br /> Else<br /> $jmvi = IniReadSection ( "valuename.ini", $jmming[$m]);返回关键字数组<br /> For $y = 1 to 999 Step 1 <br /> Dim $notsame = ""<br /> If $y <= $jmvi[0][0] Then ;如果计数小于ini值项数,正常进行<br /> $yruuju = StringSplit ($jmvi[$y][1], "|");分离数据与数据类型<br /> $vixd = RegEnumVal ($lzxing[1],$y);读注册表的相关值项<br /> If @error = -1 Then ;如果计数大于注册表值项数,则开始写入<br /> $notsame = 1<br /> ;注册表写入判断开始<br /> If $uuju <> $yruuju[1] Or $notsame = 1 Or $jmvi[$y][0] <> $vixd Then <br /> If $log = 1 Then<br /> $logwrite = FileOpen ( "log.log",1)<br /> FileWriteLine($logwrite, $fulldate & ":" & $lzxing[1] & "键已被修改,已阻止该动作")<br /> FileClose($logwrite)<br /> EndIf<br /> RegDelete ($lzxing[1])<br /> For $x = 1 to 999 Step +1<br /> ;MsgBox(0,"x计数",$x)<br /> If $x > $jmvi[0][0] Then ;如果计数超过ini文件里保存键值的个数就退出循环<br /> ExitLoop<br /> EndIf<br /> $yruuju = StringSplit ($jmvi[$x][1], "|")<br /> $rj = RegWrite ($lzxing[1],$jmvi[$x][0],$yruuju[2] ,$yruuju[1]);如果与注册表不符则修改注册表<br /> ;MsgBox(0,"x注册表写入是否成功",$rj)<br /> ;$rd = RegRead($lzxing[1],RegEnumVal ($lzxing[1],$x))<br /> ;MsgBox(0,"读取注册表数据,验证",$rd)<br /> Next<br /> ElseIf $notsame = 2 Then<br /> ;MsgBox(0,"ef",$notsame)<br /> ExitLoop<br /> EndIf<br /> ;注册表写入判断结束<br /> Else ;如果计数小于之,即正常进行<br /> $uuju = RegRead ($lzxing[1], $vixd);读注册表的相关数据<br /> ;MsgBox(0,"y计数",$y)<br /> ;MsgBox(0,"原值项",$jmvi[$y][0])<br /> ;MsgBox(0,"现值项",$vixd)<br /> ;MsgBox(0,"原数据",$yruuju[1])<br /> ;MsgBox(0,"现数据",$uuju)<br /> ;注册表写入判断开始<br /> If $uuju <> $yruuju[1] Or $notsame = 1 Or $jmvi[$y][0] <> $vixd Then <br /> If $log = 1 Then<br /> $logwrite = FileOpen ( "log.log",1)<br /> FileWriteLine($logwrite, $fulldate & ":" & $lzxing[1] & "键已被修改,已阻止该动作")<br /> FileClose($logwrite)<br /> EndIf<br /> RegDelete ($lzxing[1])<br /> For $x = 1 to 999 Step +1<br /> ;MsgBox(0,"x计数",$x)<br /> If $x > $jmvi[0][0] Then ;如果计数超过ini文件里保存键值的个数就退出循环<br /> ExitLoop<br /> EndIf<br /> $yruuju = StringSplit ($jmvi[$x][1], "|")<br /> $rj = RegWrite ($lzxing[1],$jmvi[$x][0],$yruuju[2] ,$yruuju[1]);如果与注册表不符则修改注册表<br /> ;MsgBox(0,"x注册表写入是否成功",$rj)<br /> ;$rd = RegRead($lzxing[1],RegEnumVal ($lzxing[1],$x))<br /> ;MsgBox(0,"读取注册表数据,验证",$rd)<br /> Next<br /> ElseIf $notsame = 2 Then<br /> ;MsgBox(0,"ef",$notsame)<br /> ExitLoop<br /> EndIf<br /> ;注册表写入判断结束<br /> EndIf<br /> Else ;如果计数大于ini值项数,如果进行到这里,则上一次计数为IF第一条件下的正常进行<br /> $vixd = RegEnumVal ($lzxing[1],$y);读注册表的相关值项<br /> If @error = -1 Then ;如果计数同时大于注册表值项数,则数据完全匹配<br /> ExitLoop<br /> Else ;如果计数小于注册表值项数,则该键名下注册表多出一项,重写注册表<br /> $notsame = 1<br /> ;注册表写入判断结束<br /> If $uuju <> $yruuju[1] Or $notsame = 1 Or $jmvi[$y -1][0] <> $vixd Then <br /> If $log = 1 Then<br /> $logwrite = FileOpen ( "log.log",1)<br /> FileWriteLine($logwrite, $fulldate & ":" & $lzxing[1] & "键已被修改,已阻止该动作")<br /> FileClose($logwrite)<br /> EndIf<br /> RegDelete ($lzxing[1])<br /> For $x = 1 to 999 Step +1<br /> ;MsgBox(0,"x计数",$x)<br /> If $x > $jmvi[0][0] Then ;如果计数超过ini文件里保存键值的个数就退出循环<br /> ExitLoop<br /> EndIf<br /> $yruuju = StringSplit ($jmvi[$x][1], "|")<br /> $rj = RegWrite ($lzxing[1],$jmvi[$x][0],$yruuju[2] ,$yruuju[1]);如果与注册表不符则修改注册表<br /> ;MsgBox(0,"x注册表写入是否成功",$rj)<br /> ;$rd = RegRead($lzxing[1],RegEnumVal ($lzxing[1],$x))<br /> ;MsgBox(0,"读取注册表数据,验证",$rd)<br /> Next<br /> ElseIf $notsame = 2 Then<br /> ;MsgBox(0,"ef",$notsame)<br /> ExitLoop<br /> EndIf<br /> ;注册表写入判断结束<br /> EndIf<br /> EndIf<br /> Next<br /> EndIf<br /> Next<br />WEnd</span></p><p><span style="color: #000000">----------------------------------------<br />文件说明:<br />--------------------------<br />log.log:<br />注册表修改记录<br />--------------------------<br />config.ini:<br />--<br />[config]<br />time=3000 ;设置两次检测间的时间间隔<br />log=1 ;设置是否记录注册表修改<br />--------------------------<br />valuename.ini:<br />--<br />;程序有两种锁定方式:<br />;1.锁定指定值项:<br />;(允许锁定一个键名下的多个值项)<br />[HKCU\Control Panel\Desktop\WindowMetrics\] ;这里写入键名<br />MinAnimate = 0|REG_SZ ;值项=数据|数据类型</span></p><p><span style="color: #000000">;2.锁定一个键下的所有值项:<br />;(即不允许增减/修改该键下的值项)<br />[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|all] ;键名|all<br />;下面写入该键下的所有值项,格式同上<br />Logitech Utility=Logi_MwX.Exe|REG_SZ <br />eMuleAutoStart=C:\Program Files\eMule\eMule.exe -AutoStart|REG_SZ </span></p><p></p><a href="attachment/UploadFiles/2007-1/125382194.zip">UploadFiles/2007-1/125382194.zip</a><br /> |