Created
January 3, 2023 22:30
-
-
Save spddl/2750c150fd7d45e992728f4d4b72cf90 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
HRESULT FUN_180057c30(IID *param_1,LPUNKNOWN param_2,DWORD param_3,IID *param_4,longlong **param_5) | |
{ | |
longlong *plVar1; | |
undefined4 *puVar2; | |
undefined4 uVar3; | |
undefined4 uVar4; | |
undefined4 uVar5; | |
DWORD DVar6; | |
DWORD DVar7; | |
HRESULT HVar8; | |
HANDLE pvVar9; | |
undefined4 *puVar10; | |
undefined8 uVar11; | |
wchar_t *pwVar12; | |
wchar_t *pwVar13; | |
undefined8 uVar14; | |
int local_28; | |
DWORD local_24; | |
DWORD local_20 [2]; | |
DVar7 = 0; | |
if ((((*(longlong *)param_1 == 0x47fa21f5c2f03a33) && | |
(*(longlong *)param_1->Data4 == 0x39f2a2626315bbb4)) && | |
(DVar6 = GetCurrentThreadId(), DAT_180079de4 != DVar6)) && (DAT_1800797c0._1_1_ != '\0')) { | |
local_28 = 0; | |
local_24 = 4; | |
SHRegGetValueW((HKEY)0xffffffff80000001, | |
L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", | |
L"NoXAMLPrelaunch",0x10,(DWORD *)0x0,&local_28,&local_24); | |
local_24 = 4; | |
uVar14 = 0x10; | |
SHRegGetValueW((HKEY)0xffffffff80000001,L"Software\\StartIsBack",L"NoXAMLPrelaunch",0x10, | |
(DWORD *)0x0,&local_28,&local_24); | |
if (local_28 == 0) goto LAB_180057d9a; | |
pvVar9 = OpenEventW(2,0,L"ShellStartReadyEvent"); | |
SetEvent(pvVar9); | |
CloseHandle(pvVar9); | |
if (pvVar9 == (HANDLE)0x0) goto LAB_180057d9a; | |
uVar11 = 0; | |
pwVar12 = L"ShellSearchReadyEvent"; | |
pvVar9 = OpenEventW(2,0,L"ShellSearchReadyEvent"); | |
SetEvent(pvVar9); | |
CloseHandle(pvVar9); | |
if (pvVar9 == (HANDLE)0x0) goto LAB_180057d9a; | |
DAT_1800797c0._1_1_ = '\0'; | |
FUN_180001aa0("StartIsBack: forbiding XAML launcher to start",uVar11,pwVar12,uVar14); | |
LAB_180057d90: | |
HVar8 = -0x7fffbfff; | |
} | |
else { | |
LAB_180057d9a: | |
if (((*(longlong *)param_1 == 0x46ea10a845ba127d) && | |
(*(longlong *)param_1->Data4 == 0x3c947890ea56b78a)) && | |
((DVar6 = GetCurrentThreadId(), DAT_180079de4 == DVar6 && ((char)DAT_1800797c0 != '\0')))) { | |
DAT_1800797c0._0_1_ = '\0'; | |
local_28 = 0; | |
local_20[0] = 4; | |
SHRegGetValueW((HKEY)0xffffffff80000001, | |
L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", | |
L"NoXAMLPrelaunch",0x10,(DWORD *)0x0,&local_28,local_20); | |
local_20[0] = 4; | |
SHRegGetValueW((HKEY)0xffffffff80000001,L"Software\\StartIsBack",L"NoXAMLPrelaunch",0x10, | |
(DWORD *)0x0,&local_28,local_20); | |
if ((local_28 != 0) || (_DAT_18007a29c != 0)) { | |
DVar7 = 1; | |
} | |
local_20[0] = 4; | |
local_24 = DVar7; | |
SHRegGetValueW((HKEY)0xffffffff80000001, | |
L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", | |
L"NoEdgePrelaunch",0x10,(DWORD *)0x0,&local_24,local_20); | |
local_20[0] = 4; | |
pwVar13 = L"NoEdgePrelaunch"; | |
uVar14 = 0x10; | |
pwVar12 = L"Software\\StartIsBack"; | |
SHRegGetValueW((HKEY)0xffffffff80000001,L"Software\\StartIsBack",L"NoEdgePrelaunch",0x10, | |
(DWORD *)0x0,&local_24,local_20); | |
if (local_24 != 0) { | |
FUN_180001aa0("StartIsBack: forbiding Edge prelaunch",pwVar12,pwVar13,uVar14); | |
return -0x7fffbfff; | |
} | |
} | |
if (((*(longlong *)param_1 == 0x40b9fa8d6b3b8d23) && | |
(*(longlong *)param_1->Data4 == 0x522c3e3350b9bd8d)) && | |
(DVar7 = GetCurrentThreadId(), DAT_180079de4 == DVar7)) { | |
local_24 = 0; | |
local_20[0] = 4; | |
SHRegGetValueW((HKEY)0xffffffff80000001, | |
L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced",L"NoMetro", | |
0x10,(DWORD *)0x0,&local_24,local_20); | |
local_20[0] = 4; | |
SHRegGetValueW((HKEY)0xffffffff80000001,L"Software\\StartIsBack",L"NoMetro",0x10,(DWORD *)0x0, | |
&local_24,local_20); | |
if (local_24 != 0) goto LAB_180057d90; | |
} | |
if (((*(longlong *)param_1 == 0x439d7345dbce7e40) && | |
(*(longlong *)param_1->Data4 == 0x99a81114a112cb1)) && | |
((*(longlong *)param_4 == 0x43092be7130a2f65 && | |
(*(longlong *)param_4->Data4 == 0x1cb6f22f05a9589a)))) { | |
HVar8 = CoCreateInstance(param_1,param_2,param_3,param_4,param_5); | |
if (HVar8 == 0) { | |
plVar1 = *param_5; | |
puVar10 = DAT_18007a9e0; | |
if (DAT_18007a9e0 == (undefined4 *)0x0) { | |
if ((DAT_18007a9e8 & 1) == 0) { | |
DAT_18007a9d8 = *plVar1; | |
DAT_18007a9e8 = DAT_18007a9e8 | 1; | |
} | |
puVar10 = (undefined4 *)??2@YAPEAX_K@Z(0x68); | |
puVar2 = (undefined4 *)*plVar1; | |
uVar3 = puVar2[1]; | |
uVar4 = puVar2[2]; | |
uVar5 = puVar2[3]; | |
DAT_18007a9e0 = puVar10; | |
*puVar10 = *puVar2; | |
puVar10[1] = uVar3; | |
puVar10[2] = uVar4; | |
puVar10[3] = uVar5; | |
uVar3 = puVar2[5]; | |
uVar4 = puVar2[6]; | |
uVar5 = puVar2[7]; | |
puVar10[4] = puVar2[4]; | |
puVar10[5] = uVar3; | |
puVar10[6] = uVar4; | |
puVar10[7] = uVar5; | |
uVar3 = puVar2[9]; | |
uVar4 = puVar2[10]; | |
uVar5 = puVar2[0xb]; | |
puVar10[8] = puVar2[8]; | |
puVar10[9] = uVar3; | |
puVar10[10] = uVar4; | |
puVar10[0xb] = uVar5; | |
uVar3 = puVar2[0xd]; | |
uVar4 = puVar2[0xe]; | |
uVar5 = puVar2[0xf]; | |
puVar10[0xc] = puVar2[0xc]; | |
puVar10[0xd] = uVar3; | |
puVar10[0xe] = uVar4; | |
puVar10[0xf] = uVar5; | |
uVar3 = puVar2[0x11]; | |
uVar4 = puVar2[0x12]; | |
uVar5 = puVar2[0x13]; | |
puVar10[0x10] = puVar2[0x10]; | |
puVar10[0x11] = uVar3; | |
puVar10[0x12] = uVar4; | |
puVar10[0x13] = uVar5; | |
uVar3 = puVar2[0x15]; | |
uVar4 = puVar2[0x16]; | |
uVar5 = puVar2[0x17]; | |
puVar10[0x14] = puVar2[0x14]; | |
puVar10[0x15] = uVar3; | |
puVar10[0x16] = uVar4; | |
puVar10[0x17] = uVar5; | |
*(undefined8 *)(puVar10 + 0x18) = *(undefined8 *)(puVar2 + 0x18); | |
*(code **)(puVar10 + 0x12) = FUN_180058110; | |
} | |
*plVar1 = (longlong)puVar10; | |
} | |
} | |
else { | |
HVar8 = CoCreateInstance(param_1,param_2,param_3,param_4,param_5); | |
} | |
} | |
return HVar8; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment