关掉64位系统中32位程序的目录重定向

关掉64位系统中32位程序的目录重定向

在64位Windows系统中运行的32位程序会被系统欺骗.
例如windowssystem32的目录实际是windowssyswow64目录的映射.
program files实际是program files(x86)的映射.

注册表的hkey_local_machinesoftware实际是hkey_local_machinesoftwarewow6432node子键的映射.

那么如何访问到真正的64位程序的目录和注册表呢?关掉目录重定向即可.

关闭文件的重定向：

var
 OldWow64RedirectionValue: LongBool;
 
function DisableWowRedirection: Boolean;
 type
 TWow64DisableWow64FsRedirection = function(var Wow64FsEnableRedirection
 : LongBool): LongBool; StdCall;
 
var
 hHandle: THandle;
 Wow64DisableWow64FsRedirection: TWow64DisableWow64FsRedirection;
 
begin
 Result := true;
 
try
 hHandle := GetModuleHandle('kernel32.dll');
 @Wow64DisableWow64FsRedirection := GetProcAddress(hHandle,
 'Wow64DisableWow64FsRedirection');
 
if ((hHandle <> 0) and (@Wow64DisableWow64FsRedirection <> nil)) then
 Wow64DisableWow64FsRedirection(OldWow64RedirectionValue);
 except
 Result := False;
 end;
 end;
 
function RevertWowRedirection: Boolean;
 type
 TWow64RevertWow64FsRedirection = function(var Wow64RevertWow64FsRedirection
 : LongBool): LongBool; StdCall;
 
var
 hHandle: THandle;
 Wow64RevertWow64FsRedirection: TWow64RevertWow64FsRedirection;
 begin
 Result := true;
 try
 hHandle := GetModuleHandle('kernel32.dll');
 @Wow64RevertWow64FsRedirection := GetProcAddress(hHandle,
 'Wow64RevertWow64FsRedirection');
 
if ((hHandle <> 0) and (@Wow64RevertWow64FsRedirection <> nil)) then
 Wow64RevertWow64FsRedirection(OldWow64RedirectionValue);
 except
 Result := False;
 end;
 end;

注册表就很简单了：

var
  r: TRegistry;
begin
 
  r := TRegistry.Create;
  r.RootKey := HKEY_LOCAL_MACHINE;
  r.Access := r.Access or KEY_WOW64_64KEY; //注意这一行.
  if r.OpenKey('SOFTWAREabc', true) then
  begin
    r.WriteString('test', 'test');
  end;
  r.Free;
 
end;

 参考：http://www.raysoftware.cn/?p=131