How can I read a HKEY_LOCAL_MACHINE\Software\MyApp key that have been created under a StdUser Level?

I have a C++ Win32 DLL, called by a application that is running 开发者_Go百科in requestedExecutionLevel of requireAdministrator in Windows7.

How can I read a HKEY_LOCAL_MACHINE\Software\MyApp key that have been created under a StdUser Level?

This key was automatically created in the HKEY_USERS\_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node

I´ve found this article about it but it refers only about running a process with code injection.

Thanks!

You can't.

You say StdUser application tried to write a setting into HKLM\Software\MyApp and ended up writing it to virtualized location HKEY_USERS\<UserSID>_Classes\VirtualStore...`. To read it you have to know the UserSID; if there are several users, each user may have different data written in that key.

Virtualization is turned off for processes which have requestedExecutionLevel in their manifest. See Controlling Registry Virtualization section on how you can modify virtualization behavior.

You can try to set privilege TRegistry *reg=new TRegistry(KEY_WOW64_64KEY), if you have 64bit OS. If you have 32 bit OS, reg->OpenKey("Software") and you automatically redirected to your key, then you could to do operations with this key.