
“Utilities” or “Windows Registry as a platform”

I want to tell you a story about how solving specific application problems led me to use the Windows registry as a platform for storing and executing code.

Priorities


Once upon a time, when I switched from XP to Windows 7, I considered the introduction of priorities for I/O and paging, and not just for the processor, to be one of the important advantages of the new system. However, Windows 10 is now here, and convenient standard means of managing these priorities have still not appeared.
To my surprise, most users are not aware of this capability at all. They are content with the Task Manager option to change the current CPU priority of an already running process (and only if they are allowed to). And they regard it as an unavoidable evil when even a background process set to LOW interferes, through its disk access or swapping, with the work of higher-priority tasks.

Some, tired of going to Task Manager after every launch, put something like the following in front of the target in the shortcuts that launch critical programs:

cmd /c start /realtime 

This lets you run something with HIGH priority (and not realtime, as they think), but it does nothing about I/O priority. In addition, a number of applications use a launcher file, which in turn starts the main program. In that case the main program starts with the default priority, and only the no-longer-needed launcher shows up in Task Manager with HIGH priority.

The solution to the problem is to create subkeys under “Image File Execution Options” in the registry, but doing that by hand is rather tedious.

Of course, there are a number of third-party applications that will write the correct subkeys into the registry for the desired program, but I deliberately used the word “standard” in the first paragraph: often this has to be done on a machine where installing third-party executables is not allowed, removable media are disabled, and it is difficult to obtain (from the Internet or by mail) any executable files, packages, archives, or BAT, CMD and even REG files. In especially strict cases, the actual content of a file is inspected for a changed type or for an unauthorized type embedded in a container document.

So, using the registry, I set myself the task of writing a utility that changes a program's base startup priority for CPU, I/O and paging, and at the same time:


The last requirement is important not only in terms of delivery. It is a universal way to show the user that the utility contains no backdoors or unwanted functionality. It also fulfils one of the requirements of the GPL: providing the source code.

The stated requirements dictated a scripting language. Further investigation showed that even PowerShell was unnecessary: ordinary CMD and VBS syntax would be enough. Then I tried to fit each action on a single line rather than in a BAT file, and since a registry entry was required in any case, the idea was born to fit everything into the registry itself, thereby meeting the condition that there be no files.

The result is a utility that looks like a drop-down submenu in the properties of executable files:

image

And here is the utility itself:

Windows Registry Editor Version 5.00

;Copyright 2016 Trottle
;This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License version 3.
;This program is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
;See <http://www.gnu.org/licenses/> for more details.

[-HKEY_CLASSES_ROOT\exefile\shell\Bpc]

[HKEY_CLASSES_ROOT\exefile\shell\Bpc]
"HasLUAShield"=""
"MUIVerb"="Set base priority"
"subcommands"=""

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\01low]
"MUIVerb"="Idle CPU, lowest IO, low paging"
"Icon"="comres.dll,9"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\01low\command]
@="cmd /q /c echo Windows Registry Editor Version 5.00>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & for /f \"delims=<\" %%i in (\"%1\") do echo [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions]>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"CpuPriorityClass\"=dword:00000001>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"IoPriority\"=dword:00000000>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"PagePriority\"=dword:00000001>>%%TEMP%%\\pr.reg & regedit /s %%TEMP%%\\pr.reg & del %%TEMP%%\\pr.reg & msg * %~ni priority is set to IDLE"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\02below]
"MUIVerb"="Below normal CPU, low IO"
"Icon"="comres.dll,12"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\02below\command]
@="cmd /q /c echo Windows Registry Editor Version 5.00>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & for /f \"delims=<\" %%i in (\"%1\") do echo [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions]>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"CpuPriorityClass\"=dword:00000005>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"IoPriority\"=dword:00000001>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"PagePriority\"=->>%%TEMP%%\\pr.reg & regedit /s %%TEMP%%\\pr.reg & del %%TEMP%%\\pr.reg & msg * %~ni priority is set to BELOW NORMAL"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\03above]
"Icon"="comres.dll,8"
"MUIVerb"="Above normal CPU"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\03above\command]
@="cmd /q /c echo Windows Registry Editor Version 5.00>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & for /f \"delims=<\" %%i in (\"%1\") do echo [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions]>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"CpuPriorityClass\"=dword:00000006>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"IoPriority\"=->>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"PagePriority\"=->>%%TEMP%%\\pr.reg & regedit /s %%TEMP%%\\pr.reg & del %%TEMP%%\\pr.reg & msg * %~ni priority is set to ABOVE NORMAL"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\04high]
"MUIVerb"="High CPU"
"Icon"="comres.dll,16"
"CommandFlags"=dword:00000040

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\04high\command]
@="cmd /q /c echo Windows Registry Editor Version 5.00>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & for /f \"delims=<\" %%i in (\"%1\") do echo [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions]>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"CpuPriorityClass\"=dword:00000003>>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"IoPriority\"=->>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & echo \"PagePriority\"=->>%%TEMP%%\\pr.reg & regedit /s %%TEMP%%\\pr.reg & del %%TEMP%%\\pr.reg & msg * %~ni priority is set to HIGH"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\06ask]
"MUIVerb"="Show current priorities"
"Icon"="shell32.dll,23"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\06ask\command]
@="cmd /q /c for /f \"delims=<\" %%i in (\"%1\") do reg query \"HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions\" /s | msg *"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\07default]
"MUIVerb"="Restore to default"
"Icon"="comres.dll,4"

[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\07default\command]
@="cmd /q /c echo Windows Registry Editor Version 5.00>%%TEMP%%\\pr.reg & echo.>>%%TEMP%%\\pr.reg & for /f \"delims=<\" %%i in (\"%1\") do echo [-HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions]>>%%TEMP%%\\pr.reg & regedit /s %%TEMP%%\\pr.reg & del %%TEMP%%\\pr.reg & msg * %~ni priority is restored to default"

; If you do not want to have uninstaller you can skip next part:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BpcSubMenu]
"DisplayName"="'Set base priority' submenu"
"DisplayIcon"="imageres.dll,73"
"UninstallString"="cmd /q /c echo Windows Registry Editor Version 5.00>%TEMP%\\pr.reg & echo.>>%TEMP%\\pr.reg & echo [-HKEY_CLASSES_ROOT\\exefile\\shell\\Bpc]>>%TEMP%\\pr.reg & echo.>>%TEMP%\\pr.reg & echo [-HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\BpcSubMenu]>>%TEMP%\\pr.reg & regedit /s %TEMP%\\pr.reg & del %TEMP%\\pr.reg"
"DisplayVersion"="1.1"
"URLInfoAbout"="http://habrahabr.ru/post/317802/"
"NoModify"=dword:00000001
"NoRepair"=dword:00000001

Accordingly, the installation process looks like this: take the source above, save it as a .reg file, and run it. After that the file can be safely deleted. A new submenu then appears when you right-click an executable file.

In this case, however, it is worth considering two things:

1. What the utility does is allowed only for administrators, so if you are not a member of the administrators group, UAC will not settle for a simple confirmation prompt.

2. For some reason Windows shows the submenu not only on the .EXE files themselves but also on shortcuts to them, yet from a shortcut it does not invoke the last submenu items.

Also, you have probably noticed that:

- first, there is no Realtime priority;
- secondly, all priorities except the CPU one go only downwards;
- thirdly, the paging priority is set slightly higher than the I/O priority.

This is consistent with Microsoft’s prioritization recommendations:

- lower the priority of what is unneeded rather than raise the priority of what is needed;
- swapping is more important than working with files;
- do not work with Realtime (a “true” realtime can really be dangerous for the stability of the entire system, which is why neither it nor a high I/O priority can be set through the registry).

Firewall


The gap between the first and the second is short: I decided to simplify working with the built-in firewall in the same way. It is good in many respects, but convenience of handling is not one of them. In this case, I decided to speed up the creation of allow or block rules for a program. (I consider the ability to bind rules to programs the main advantage of an internal firewall over an external one.) I run the firewall with outgoing connections blocked by default, so I often have to add a new program.

This is the result:

image

and its text:

Windows Registry Editor Version 5.00

;Copyright 2016 Trottle
;This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License version 3.
;This program is distributed WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
;See <http://www.gnu.org/licenses/> for more details.

[-HKEY_CLASSES_ROOT\exefile\shell\FWc]

[HKEY_CLASSES_ROOT\exefile\shell\FWc]
"MUIVerb"="Set firewall rules"
"Icon"="imageres.dll,102"
"subcommands"=""

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\01]
"MUIVerb"="block inbound"
"Icon"="imageres.dll,100"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\01\command]
@="cmd /q /c echo CreateObject(\"Shell.Application\").ShellExecute \"cmd\", \"/q /c chcp 1251 & netsh advfirewall firewall add rule name=\"\"%1\"\" dir=in action=block program=\"\"%1\"\" enable=yes | msg * \", \"\", \"runas\" > %%temp%%\\ev.vbs & cscript %%temp%%\\ev.vbs & del %%temp%%\\ev.vbs"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\02]
"MUIVerb"="allow inbound"
"Icon"="imageres.dll,101"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\02\command]
@="cmd /q /c echo CreateObject(\"Shell.Application\").ShellExecute \"cmd\", \"/q /c chcp 1251 & netsh advfirewall firewall add rule name=\"\"%1\"\" dir=in action=allow program=\"\"%1\"\" enable=yes | msg * \", \"\", \"runas\" > %%temp%%\\ev.vbs & cscript %%temp%%\\ev.vbs & del %%temp%%\\ev.vbs"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\03]
"Icon"="imageres.dll,100"
"MUIVerb"="block outbound"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\03\command]
@="cmd /q /c echo CreateObject(\"Shell.Application\").ShellExecute \"cmd\", \"/q /c chcp 1251 & netsh advfirewall firewall add rule name=\"\"%1\"\" dir=out action=block program=\"\"%1\"\" enable=yes | msg * \", \"\", \"runas\" > %%temp%%\\ev.vbs & cscript %%temp%%\\ev.vbs & del %%temp%%\\ev.vbs"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\04]
"MUIVerb"="allow outbound"
"Icon"="imageres.dll,101"
"CommandFlags"=dword:00000040

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\04\command]
@="cmd /q /c echo CreateObject(\"Shell.Application\").ShellExecute \"cmd\", \"/q /c chcp 1251 & netsh advfirewall firewall add rule name=\"\"%1\"\" dir=out action=allow program=\"\"%1\"\" enable=yes | msg * \", \"\", \"runas\" > %%temp%%\\ev.vbs & cscript %%temp%%\\ev.vbs & del %%temp%%\\ev.vbs"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\06]
"MUIVerb"="Show firewall panel"
"Icon"="imageres.dll,109"

[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\06\command]
@="mmc.exe wf.msc"

; If you do not want to have uninstaller you can skip next part:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FWcSubMenu]
"DisplayName"="'Set firewall rules' submenu"
"DisplayIcon"="imageres.dll,102"
"UninstallString"="cmd /q /c echo Windows Registry Editor Version 5.00>%TEMP%\\pr.reg & echo.>>%TEMP%\\pr.reg & echo [-HKEY_CLASSES_ROOT\\exefile\\shell\\FWc]>>%TEMP%\\pr.reg & echo.>>%TEMP%\\pr.reg & echo [-HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\FWcSubMenu]>>%TEMP%\\pr.reg & regedit /s %TEMP%\\pr.reg & del %TEMP%\\pr.reg"
"DisplayVersion"="1.1"
"URLInfoAbout"="http://habrahabr.ru/post/317802/"
"NoModify"=dword:00000001
"NoRepair"=dword:00000001

I note that, unlike the first utility, clicking one item here does not cancel the others, i.e. creating a block rule does not erase an allow rule, and vice versa. This is intended for the case where several rules are created for one program and each is then refined (by ports, addresses, modes, etc.). Thus, if you click both “allow” and “block”, two rules will be created, and the program’s network access will be closed (block rules take precedence over allow rules).

Uninstallation for both utilities is standard: go to “Programs and Features” and remove them:

image
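
Both .reg files above, including their uninstall entries, store complete command lines in the registry, so it is worth listing what a .reg file will register before importing it. The script below is an added example, not part of the original utilities; `audit_reg`, the `WATCH` list and the shortened sample input are assumptions made for illustration.

```python
import re
# Constructed, shortened excerpt in the same shape as the two .reg files above.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[-HKEY_CLASSES_ROOT\exefile\shell\Bpc]
[HKEY_CLASSES_ROOT\exefile\shell\Bpc]
"MUIVerb"="Set base priority"
[HKEY_CLASSES_ROOT\exefile\shell\Bpc\shell\07default\command]
@="cmd /q /c echo Windows Registry Editor Version 5.00>%%TEMP%%\\pr.reg & for /f \"delims=<\" %%i in (\"%1\") do echo [-HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%%~nxi\\PerfOptions]>>%%TEMP%%\\pr.reg & regedit /s %%TEMP%%\\pr.reg & del %%TEMP%%\\pr.reg"
[HKEY_CLASSES_ROOT\exefile\shell\FWc\shell\06\command]
@="mmc.exe wf.msc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FWcSubMenu]
"UninstallString"="cmd /q /c echo [-HKEY_CLASSES_ROOT\\exefile\\shell\\FWc]>>%TEMP%\\pr.reg & regedit /s %TEMP%\\pr.reg & del %TEMP%\\pr.reg"
'''

KEY = re.compile(r'^\[(-?)(.+)\]$')
VAL = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(".*")$')   # string values only
# Assumption: programs a reviewer wants called out (interpreters, registry and firewall tools).
WATCH = {"cmd", "cscript", "wscript", "powershell", "regedit", "reg", "netsh"}

def unescape(s):
    # .reg strings escape backslash and double quote with a leading backslash.
    return re.sub(r'\\(.)', r'\1', s)

def audit_reg(text):
    """Return (deleted_keys, findings) for the text of a .reg file."""
    deleted, findings, key = [], [], None
    for line in map(str.strip, text.splitlines()):
        m = KEY.match(line)
        if m:  # "[-key]" deletes the key, "[key]" opens it for the values that follow
            key = None if m.group(1) else m.group(2)
            deleted += [m.group(2)] if m.group(1) else []
            continue
        m = VAL.match(line)
        if not (m and key):
            continue  # header line, comments, blank lines, dword values
        name = '(default)' if m.group(1) == '@' else unescape(m.group(1)[1:-1])
        is_verb = name == '(default)' and key.lower().endswith('\\command')
        if not (is_verb or name.lower() == 'uninstallstring'):
            continue
        cmd = unescape(m.group(2)[1:-1])
        # First word of the command and of every &- or |-chained segment.
        progs = {w.lower() for w in re.findall(r'(?:^|[&|])\s*([A-Za-z]+)', cmd)}
        findings.append({'key': key, 'name': name, 'programs': sorted(progs),
                         'watch': sorted(progs & WATCH),
                         'writes_ifeo': 'image file execution options' in cmd.lower()})
    return deleted, findings

if __name__ == '__main__':
    print(audit_reg(SAMPLE_REG))
```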

P.S. Friends, thanks to your feedback I have improved the display of the submenus in Win10; the source code has been updated to version 1.1.

Source: https://habr.com/ru/post/317802/

