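        /// <summary>
        /// Click handler that starts a registry analysis run: it records the
        /// search terms, opens the registry locations selected by the check
        /// boxes, and hands them to a worker thread for collection and logging.
        /// </summary>
        /// <param name="sender">The control that raised the event (unused).</param>
        /// <param name="e">Routed event data (unused).</param>
        private void RunAnalysisButton_Click(object sender, RoutedEventArgs e)
        {
            // NOTE(review): SetUIMode(false) presumably locks the UI for the duration
            // of the run; nothing in this handler re-enables it if key collection
            // fails before the worker thread starts - confirm against SetUIMode.
            SetUIMode(false);
            LogScrollViewer.Visibility = Visibility.Hidden;
            SetOutputButtonEnabledStatus(false);
            LogOnlyMatches = Convert.ToBoolean(CheckboxLogOnlyMatches.IsChecked);

            MainApp.Analyzer = new RegistryAnalyzer(this);

            // The three terms are taken verbatim from the text boxes, so an empty
            // box contributes an empty string.
            // NOTE(review): how the analyzer treats an empty term is not visible
            // here - confirm it does not match every entry.
            MainApp.Analyzer.SearchTerms = new List<string>()
            {
                SearchTerm1TextBox.Text, SearchTerm2TextBox.Text, SearchTerm3TextBox.Text
            };
            EntryLogger.main_window = this;

            AnalysisRunLogger.LogNewRun();
            AnalysisRunLogger.UpdateCurrentRunID();

            Console.WriteLine("Collecting registry data");

            List<RegistryKey> keys_to_search = new List<RegistryKey>();

            if (Convert.ToBoolean(CheckboxCurrentUser.IsChecked))
            {
                AddReadOnlySubKey(keys_to_search, Registry.CurrentUser, "SOFTWARE", null);
            }
            if (Convert.ToBoolean(CheckboxLocalMachine.IsChecked))
            {
                // NOTE(review): in a 32-bit process HKLM\SOFTWARE is redirected to the
                // WOW6432Node view, so part of the hive would not be examined. If full
                // coverage matters, open the base key with an explicit RegistryView -
                // confirm the build target.
                AddReadOnlySubKey(keys_to_search, Registry.LocalMachine, "SOFTWARE", null);
            }
            if (Convert.ToBoolean(CheckboxRecentApps.IsChecked))
            {
                AddReadOnlySubKey(keys_to_search, Registry.CurrentUser,
                                  @"SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps",
                                  "Recent apps is null.");
            }
            // NOTE(review): the next two check box names do not obviously match the
            // key paths they open (RecentAppsDocs -> ComDlg32, RecentTorrents ->
            // RecentDocs) - confirm the mapping is intended.
            if (Convert.ToBoolean(CheckboxRecentAppsDocs.IsChecked))
            {
                AddReadOnlySubKey(keys_to_search, Registry.CurrentUser,
                                  @"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32",
                                  "Recent apps docs is null.");
            }
            if (Convert.ToBoolean(CheckboxRecentTorrents.IsChecked))
            {
                AddReadOnlySubKey(keys_to_search, Registry.CurrentUser,
                                  @"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs",
                                  "Recent Torrents is null.");
            }

            // NOTE(review): the opened RegistryKey handles are never closed in this
            // method; ownership passes to CollectRegistryData. Confirm that it (or
            // the collectors it returns) disposes them once the run is finished.
            Thread collection_thread = new Thread(new ThreadStart(() =>
            {
                RegistryDataCollector[] collected_datas = MainApp.Analyzer.CollectRegistryData(keys_to_search);
                MainApp.Analyzer.EntryCollectors = new List<RegistryDataCollector>(collected_datas);

                // Flatten the per-key collectors into one list for the full log.
                List<RegistryEntry> recorded_entries = new List<RegistryEntry>();
                foreach (RegistryDataCollector collector in collected_datas)
                {
                    foreach (RegistryEntry entry in collector.RegistryEntries)
                    {
                        recorded_entries.Add(entry);
                    }
                }

                // The full-entry log is written on its own thread and only when the
                // user did not ask for matches only. It runs concurrently with
                // OnDataCollectionIsFinished() below.
                // NOTE(review): SetUIMode and SetOutputButtonEnabledStatus are called
                // here from a non-UI thread - confirm they marshal to the dispatcher,
                // and that their ordering against OnDataCollectionIsFinished does not
                // matter.
                new Thread(new ThreadStart(() =>
                {
                    if (!LogOnlyMatches)
                    {
                        SetUIMode(false);
                        EntryLogger.LogEntries(recorded_entries);
                        SetUIMode(true);
                        SetOutputButtonEnabledStatus(false);
                    }
                })).Start();


                OnDataCollectionIsFinished();
            }));

            collection_thread.Start();
        }

        /// <summary>
        /// Opens <paramref name="subKeyPath"/> under <paramref name="hive"/> without
        /// write access and appends the handle to <paramref name="keys"/> when the
        /// key exists.
        /// </summary>
        /// <param name="keys">List that receives the opened key.</param>
        /// <param name="hive">Root key to open the sub key from.</param>
        /// <param name="subKeyPath">Path of the sub key relative to the hive.</param>
        /// <param name="missingMessage">
        /// Console message written when the key does not exist, or <c>null</c> to
        /// stay silent.
        /// </param>
        private static void AddReadOnlySubKey(List<RegistryKey> keys, RegistryKey hive, string subKeyPath, string missingMessage)
        {
            RegistryKey opened_key;
            try
            {
                // writable: false - the analysis only reads, so it never needs a
                // handle that could modify the data being examined.
                opened_key = hive.OpenSubKey(subKeyPath, false);
            }
            catch (System.Security.SecurityException ex)
            {
                // A location the current account may not read is skipped and
                // reported instead of aborting the whole run from the click handler.
                Console.WriteLine("Access denied opening " + hive.Name + "\\" + subKeyPath + ": " + ex.Message);
                return;
            }

            if (opened_key != null)
            {
                keys.Add(opened_key);
            }
            else if (missingMessage != null)
            {
                Console.WriteLine(missingMessage);
            }
        }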