Sysprep

//----- (10002AB0)--------------------------------------------------------
/*
 * Cleanup-phase entry point of this sysprep listing.
 *
 * Delegates to CleanupAllWinSqmFiles() (defined elsewhere in the module and
 * not shown here) and then reports 0 unconditionally. Whatever the helper
 * returns, if anything, is not propagated, so a caller cannot tell from the
 * return value whether the SQM files were actually removed.
 */
int __stdcall SqmSysprepCleanup()
{
  int status = 0;  /* fixed result: this routine never reports failure */

  CleanupAllWinSqmFiles();

  return status;
}

//----- (10002AC0)--------------------------------------------------------
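/*
 * Generalize-phase routine for the SQMClient registry state (decompiler
 * output).
 *
 * NOTE(review): the local declarations (v0..v30, result) are missing from this
 * listing, and several call arguments (v2, v5..v15) are never assigned here.
 * They look like stack/register slots the decompiler could not resolve, so
 * treat argument lists as approximate and confirm against the disassembly.
 *
 * Visible behavior, in order:
 *   1. RegSetSysprepKey() is called; its return value is ignored.
 *   2. Three DWORD values are read and remembered. The value names are the
 *      opaque objects stru_1000164C, stru_10001664 and stru_100016A0.
 *   3. RegDeleteAllValues() is run over the twelve SQMClient keys listed below;
 *      the first non-zero status aborts the routine.
 *   4. The remembered DWORDs are written back, so those settings survive the
 *      wipe while every other value under the listed keys is removed.
 *
 * Returns the first non-zero status from RegDeleteAllValues/RegSetDWordValue,
 * otherwise the status of the last write performed.
 */
LSTATUS __stdcall SqmSysprepGeneralize()
{
  v0 = 0;                                   /* set when stru_10001664 was read */
  v18 = (struct _SECURITY_ATTRIBUTES *)1;   /* used as a DWORD with default 1; the pointer type is a decompiler guess */
  v16 = 0;                                  /* saved stru_10001664 value */
  v1 = 0;                                   /* set when stru_100016A0 was read */
  v17 = 0;                                  /* saved stru_100016A0 value */

  /* Twelve keys whose values are deleted by the loop further down. */
  v19 = L"Software\\Microsoft\\SQMClient";
  v20 = L"Software\\Microsoft\\SQMClient\\Windows";
  v21 = L"Software\\Microsoft\\SQMClient\\Windows\\Uploader\\PendingUpload";
  v22 = L"Software\\Microsoft\\SQMClient\\Windows\\Users";
  v23 = L"Software\\Microsoft\\SQMClient\\Windows\\DisabledSessions";
  v24 = L"Software\\Microsoft\\SQMClient\\Windows\\DisabledProcesses";
  v25 = L"Software\\Microsoft\\SQMClient\\Windows\\CommonDatapoints";
  v26 = L"Software\\Microsoft\\SQMClient\\Windows\\ServerSync";
  v27 = L"Software\\Microsoft\\SQMClient\\Windows\\AdaptiveSQM\\ManifestInfo";
  v28 = L"Software\\Microsoft\\SQMClient\\Windows\\AdaptiveSQM\\Throttling";
  v29 = L"Software\\Microsoft\\SQMClient\\CommonUploader";
  v30 = L"Software\\Microsoft\\SQMClient\\Windows\\Uploader";

  /* Create the SysprepPerformed marker key; the status is not checked here. */
  RegSetSysprepKey();

  /* A non-zero return is treated as "could not read": fall back to 1. */
  if (RegGetDWordValue(
         L"Software\\Microsoft\\SQMClient\\Windows",
         &stru_1000164C,
         (const unsigned __int16 *)&v18,
         v6,
         v11))
  {
    v18 = (struct _SECURITY_ATTRIBUTES *)1;
  }

  /* A zero return is treated as "value was read": remember to restore it. */
  if (!RegGetDWordValue(
          L"Software\\Microsoft\\SQMClient\\Windows",
          &stru_10001664,
          (const unsigned __int16 *)&v16,
          v7,
          v12))
    v0 = 1;
  if (!RegGetDWordValue(L"Software\\Microsoft\\SQMClient", &stru_100016A0, (const unsigned __int16 *)&v17, v8, v13))
    v1 = 1;

  v3 = 0;
  while (1)
  {
    /* NOTE(review): v19..v30 are walked as an array; whether the 2 * v3 stride
       is only a typing artifact cannot be told from this listing. */
    result = RegDeleteAllValues((int)v2, (&v19)[2 * v3]);
    if (result)
      break;                                /* first failed delete ends the routine */
    if ((unsigned int)++v3 >= 0xC)          /* all 12 keys processed */
    {
      /* Restore stru_100016A0 only if it existed before the wipe. */
      if (!v1
        || (result = RegSetDWordValue(
                       L"Software\\Microsoft\\SQMClient",
                       v2,
                       (const unsigned __int16 *)&stru_100016A0,
                       v17,
                       v9,
                       v14)) == 0)
      {
        /* stru_1000164C is always written back (read value, or the default 1). */
        result = RegSetDWordValue(
                   L"Software\\Microsoft\\SQMClient\\Windows",
                   v2,
                   (const unsigned __int16 *)&stru_1000164C,
                   v18,
                   v9,
                   v14);
        if (!result)
        {
          /* Restore stru_10001664 only if it existed before the wipe. */
          if (v0)
            result = RegSetDWordValue(
                       L"Software\\Microsoft\\SQMClient\\Windows",
                       v5,
                       (const unsigned __int16 *)&stru_10001664,
                       v16,
                       v10,
                       v15);
        }
      }
      return result;
    }
  }
  return result;
}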
// 100011D0: using guessed type wchar_t aSoftwareMicr_9[37];
// 10001220: using guessed type wchar_t aSoftwareMicr_8[60];
// 10001298: using guessed type wchar_t aSoftwareMicr_2[43];
// 100012F0: using guessed type wchar_t aSoftwareMicr_0[54];
// 10001360: using guessed type wchar_t aSoftwareMic_10[55];
// 100013D0: using guessed type wchar_t aSoftwareMicr_1[54];
// 10001440: using guessed type wchar_t aSoftwareMicr_5[48];
// 100014A0: using guessed type wchar_t aSoftwareMicr_7[62];
// 10001520: using guessed type wchar_t aSoftwareMicr_3[60];
// 10001598: using guessed type wchar_t aSoftwareMic_12[44];
// 100015F0: using guessed type wchar_t aSoftwareMicros[46];

//----- (10002C10)--------------------------------------------------------

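/*
 * Specialize-phase routine (decompiler output).
 *
 * Visible behavior, in order:
 *   1. The current system time is stored through RegSetDWord64Value(). The key
 *      and value-name arguments (v4, v5, v6) are never assigned in this
 *      listing, so the destination cannot be determined from here.
 *   2. COM is initialized. Work continues on success or when CoInitialize
 *      returns -2147417850 (0x80010106, RPC_E_CHANGED_MODE).
 *   3. CleanupAllWinSqmFiles() is called.
 *   4. SqmReadSharedUserId() is called, and called again if the first call
 *      returned 0; if both return 0 the RAC step is skipped.
 *   5. If the RAC DWORD named by stru_10001700 cannot be read or is zero,
 *      CreateSamplingNumber() produces a new value, which is written back
 *      when it is non-zero.
 *
 * Always returns 0; none of the failures above are reported to the caller.
 */
int __stdcall SqmSysprepSpecialize()
{
  HRESULT v0; //eax@1
  HRESULT v1; //esi@1
  HKEY v2; //ecx@8
  HKEY v4; //[sp-10h] [bp-38h]@0
  const unsigned __int16 *v5; //[sp-Ch] [bp-34h]@0
  unsigned __int64 v6; // [sp+0h] [bp-28h]@0
  const unsigned __int16 *v7; //[sp+0h] [bp-28h]@1
  const unsigned __int16 *v8; //[sp+0h] [bp-28h]@6
  unsigned __int32 *v9; // [sp+4h] [bp-24h]@1
  unsigned __int32 v10; // [sp+4h] [bp-24h]@6
  struct _SECURITY_ATTRIBUTES *v11; // [sp+8h][bp-20h]@1  (used as a DWORD; the type is a decompiler guess)
  int v12; // [sp+Ch] [bp-1Ch]@1
  struct _FILETIME SystemTimeAsFileTime; // [sp+10h] [bp-18h]@1
  int v14; // [sp+18h] [bp-10h]@1
  int v15; // [sp+1Ch] [bp-Ch]@1
  int v16; // [sp+20h] [bp-8h]@1
  int v17; // [sp+24h] [bp-4h]@1

  v14 = 0;
  SystemTimeAsFileTime.dwLowDateTime = 0;
  v15 = 0;
  SystemTimeAsFileTime.dwHighDateTime = 0;
  v12 = 0;
  v11 = 0;
  v16 = 0;
  v17 = 0;

  /* Timestamp this run. NOTE(review): v4/v5/v6 are unresolved in the listing,
     and the argument order shown is the decompiler's guess. */
  GetSystemTimeAsFileTime(&SystemTimeAsFileTime);
  RegSetDWord64Value(
    v4,
    v5,
    SystemTimeAsFileTime.dwLowDateTime,
    (const unsigned __int16 *)SystemTimeAsFileTime.dwHighDateTime,
    v6);

  v0 = CoInitialize(0);
  v1 = v0;
  /* -2147417850 == 0x80010106 (RPC_E_CHANGED_MODE): COM is already initialized
     on this thread with a different model, so the work can still proceed. */
  if (v0 >= 0 || v0 == -2147417850)
  {
    CleanupAllWinSqmFiles();
    if (!SqmReadSharedUserId((int)&v14))
    {
      /* Second attempt; two zero returns skip the RAC step entirely. */
      if (!SqmReadSharedUserId((int)&v14))
        goto LABEL_11;
      SetLastError(0);
    }
    /* Generate a sampling number only when none is stored (read returned
       non-zero, or the stored value is 0), and persist it only if the
       generator succeeded with a non-zero value. */
    if ((RegGetDWordValue(
            L"Software\\Microsoft\\ReliabilityAnalysis\\RAC",
            &stru_10001700,
            (const unsigned __int16 *)&v11,
            v7,
            v9)
       || !v11)
      && CreateSamplingNumber((unsigned int *)&v11) >= 0
      && v11)
    {
      RegSetDWordValue(
        L"Software\\Microsoft\\ReliabilityAnalysis\\RAC",
        v2,
        (const unsigned __int16 *)&stru_10001700,
        v11,
        v8,
        v10);
    }
  }

LABEL_11:
  /* Balance CoInitialize only when it actually succeeded; the
     RPC_E_CHANGED_MODE case is negative and must not be uninitialized. */
  if (v1 >= 0)
    CoUninitialize();
  return 0;
}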

 

//----- (10003E08)--------------------------------------------------------
/*
 * Creates (or opens) HKLM\Software\Microsoft\SQMClient\SysprepPerformed as a
 * marker key and returns the RegCreateKeyExW status.
 *
 * The options argument is 1u, which is the Win32 value of REG_OPTION_VOLATILE:
 * a volatile key lives only in memory and is not written to the hive file, so
 * the marker should not be expected after a reboot or in an offline hive.
 * The access mask 0x20106u equals KEY_WRITE | KEY_WOW64_64KEY. No security
 * attributes are supplied.
 *
 * A failure is only traced through WPP (when tracing is enabled); the status
 * is still returned, but SqmSysprepGeneralize() in this listing ignores it.
 */
LSTATUS __cdecl RegSetSysprepKey()
{
  HKEY marker_key = 0;
  LSTATUS status;

  status = RegCreateKeyExW(
             HKEY_LOCAL_MACHINE,
             L"Software\\Microsoft\\SQMClient\\SysprepPerformed",
             0,          /* Reserved */
             0,          /* lpClass */
             1u,         /* dwOptions: value of REG_OPTION_VOLATILE */
             0x20106u,   /* samDesired: value of KEY_WRITE | KEY_WOW64_64KEY */
             0,          /* lpSecurityAttributes: none */
             &marker_key,
             0);         /* lpdwDisposition: not requested */

  if (status != 0)
  {
    /* Emit a trace only when a WPP control block is registered and bit 0 of
       the byte at offset 28 is set (presumably the enable flag; confirm). */
    if (WPP_GLOBAL_Control != &WPP_GLOBAL_Control
      && (*((_BYTE *)WPP_GLOBAL_Control + 28) & 1))
    {
      WPP_SF_SD(
        46,
        (int)WPP_f9cefb2c04063ea30c4011796e605244_Traceguids,
        *((_DWORD *)WPP_GLOBAL_Control + 4),
        *((_DWORD *)WPP_GLOBAL_Control + 5),
        L"Software\\Microsoft\\SQMClient\\SysprepPerformed",
        status);
    }
  }

  /* The handle is only needed to create the key; release it right away. */
  if (marker_key != 0)
    RegCloseKey(marker_key);

  return status;
}
