The WindowsWorkstation.com Forum

Class Enumerator

Forums General General Discussion Class Enumerator

Viewing 2 reply threads
  • Author
    Posts
    • 3rd January 2010 at 19:31 #43963
      Arris
      Moderator

        Why?
        I had some spare time during the vacation and wanted to know how the CLSIDs, AppIDs, Interfaces and TypeLibs in the registry work and are connected to each other (image, also .vsd in attachment) and to the files on disk. This is also very useful information when trying to port applications and features from Windows 7 and Vista to Windows Server 2008 [R2]. 🙂 No comments about variable names and other coding constructions; I don’t code that often! 😛

        Description
        This code will loop through the subkeys of the following HKEY_CLASSES_ROOT branches in the Windows 64bit registry enumerating all FileTypes, CLSIDs, AppIDs, Interfaces and TypeLibs:
        HKEY_CLASSES_ROOT (64bit)
        HKEY_CLASSES_ROOTWow6432Node (32bit)
        HKEY_LOCAL_MACHINESOFTWAREClasses (64bit)
        HKEY_LOCAL_MACHINESOFTWAREWow6432NodeClasses (32bit)
        After all keys have been enumerated they will be connected to each other whereafter you get a big web of connected keys and files. :geek: I have not tested it on a x86 (32bit) Windows version, but I think you just have to remove the references to the Wow6432Node keys in the RootKeys variable and the KeyType enum.

        How to use
        Attached is the Visual Studio 2008 Solution. I haven’t made any graphical interface yet, so the only way to get the information is by running the Solution and setting a breakpoint somewhere at the end so you can view all information using the QuickWatch. The enumeration will take some time (I think about 10 minutes on my PC, specs in sig).

        If you want to see the Classes/TypeLibs and/or AppIDs that depend on a certain file, set a breakpoint at the line after 

        string fileToFind = string.Empty;

        open the QuickWatch and enter for example: 

        fileToFind = "C:\Windows\System32\WinSATAPI.dll"

        Now close the QuickWatch and do a “Step Over” (F10) whereafter you can view whatever you want by opening the foundFile variable in the QuickWatch (image). If you want to view an other file, drag the Execution Pointer back and repeat the instructions above.

        Modifications/Feedback
        Modifying/copying the file is fine as long as you keep some credits to me. Any feedback is welcome as I haven’t worked with any Windows classes ever! 🙂 Any improvements to the code are also more than welcome! :geek: If you have any questions you can also leave a comment here.

        I hope it is useful and have fun with it! 😉

      • 4th January 2010 at 15:14 #50283
        AsciiWolf

          this app looks really great!
          Good job Arris!

        • 4th January 2010 at 15:14 #60102
          Anonymous

            this app looks really great!
            Good job Arris!

        • Author
          Posts
        Viewing 2 reply threads
        • You must be logged in to reply to this topic.