|
I don't have an issue with MAX_PATH, I am using unicode API's with the funky \\?\ prefix. (everyone should use unicode!)
The filesystem isn't remote though. My software is running locally on the same machine where the file system is stored. It's just that the folder structure is created by a mac which is connected to my machine remotely. But, to my software, the file system is local.
If I scan the folders using FindFirstFile I don't get the artifact. The file paths coming back from ReadDirectoryChangesW include it.
I cannot use any sort of GetShortFileName(), GetLongFileName() function -- because in the case of a "delete file" notification, these functions don't work. I need a more systemic answer -- one which operates on the path not on the file -- to deal with this.
I guess, I am going to have to implement a periodic scan to make sure that I have accurate information. But mostly, I am trying to figure out what that mysterious artifact is, in the path that I get back from ReadDirectoryChangesW().
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />
Peter Weyzen<br />
Staff Engineer<br />
<a href="http://www.soonr.com">SoonR Inc -- PC Power delivered to your phone</a>
|
|
|
|
|
Hi all,
could you give me a little hint how to get a name of process which opened file?
example:
I have a file C:\temp\test.txt - I need to know which process opened this file.
Thanks.
|
|
|
|
|
|
Do you want a utility to do this or know how to code it yourself? SysInternals have utilities that can tell you this information.
Steve
|
|
|
|
|
Did you need to this code?
DWORD m_Return=GetModuleFileNameEx(hProcess, hModuleHandle, str1, sizeof(str1) );
|
|
|
|
|
Hello!
I have a few questions concerning drivers. I don't know if this is the right board to post this kind of problems but here they are:
1. I want to create a keyboard filter driver. Is there any method that can ensure no other filter driver (keylogger) will attach to the keyboard driver (between the keyboard driver and my filter driver) ?
2. I want to create another filter driver that will be installed nearest to a specified application (so that no other filter driver can get between this filter driver and the application). If this is possible, could anyone help me with a few links to documentation involving this kind of issues?
3. Is there any API which I can use to check whether a driver is digitally signed?
Thanks in advance!
modified on Tuesday, January 29, 2008 4:50:54 PM
|
|
|
|
|
Eikthrynir wrote: 1. I want to create a keyboard filter driver. Is there any method that can ensure no other filter driver (keylogger) will attach to the keyboard driver (between the keyboard driver and my filter driver) ?
The only thing I can think of is modifying the EAT of ntoskrnl and hooking IoCreateDevice. You would need to block devices of type FILE_DEVICE_KEYBOARD from being created. Perhaps the same could be accomplished later by hooking IoAttachDeviceToDeviceStack.
Eikthrynir wrote: 2. I want to create another filter driver that will be installed nearest to a specified application (so that no other filter driver can get between this filter driver and the application). If this is possible, could anyone help me with a few links to documentation involving this kind of issues?
Your ring-3 application will need to communicate with the keyboard filter driver through an IOCTL dispatch interface. You could obfuscate or encrypt communication with the driver, and/or from within the driver you should verify the sender by checksum of its PE image or whatever clever scheme you can think of.
Eikthrynir wrote: 3. Is there any API which I can use to check whether a driver is digitally signed?
Perhaps you should read some Microsoft documentation about kernel driver signing.
http://www.microsoft.com/whdc/winlogo/drvsign/kmcs_walkthrough.mspx[^]
Best Wishes,
-David Delaune
|
|
|
|
|
At the second question I forgot to mention that the application I want to communicate with is not created by me. So it's impossible for me to modify it. I'm searching for a solution involving the modification of the driver only...
|
|
|
|
|
Am having difficulty getting C++ 2008 to LINK to the strcopy function. I get compiler errors on other function calls too, but they all get resolved by the linker .. all but strcopy.
I am clueless .. here is the compiler/linker output. Thanks for looking.
--Roger
-----------------
1>------ Build started: Project: GuessingGame, Configuration: Debug Win32 ------
1>Compiling...
1>GuessingGame.c
1>r:\guessinggame\guessinggame\guessinggame.c(18) : warning C4996: 'scanf': This function or variable may be unsafe. Consider using scanf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
1> c:\program files\microsoft visual studio 9.0\vc\include\stdio.h(306) : see declaration of 'scanf'
1>r:\guessinggame\guessinggame\guessinggame.c(20) : warning C4996: 'scanf': This function or variable may be unsafe. Consider using scanf_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
1> c:\program files\microsoft visual studio 9.0\vc\include\stdio.h(306) : see declaration of 'scanf'
1>r:\guessinggame\guessinggame\guessinggame.c(22) : warning C4013: 'time' undefined; assuming extern returning int
1>r:\guessinggame\guessinggame\guessinggame.c(26) : warning C4013: 'strcopy' undefined; assuming extern returning int
1>r:\guessinggame\guessinggame\guessinggame.c(39) : warning C4013: 'getch' undefined; assuming extern returning int
1>Linking...
1>GuessingGame.obj : error LNK2019: unresolved external symbol _strcopy referenced in function _main
1>R:\GuessingGame\Debug\GuessingGame.exe : fatal error LNK1120: 1 unresolved externals
1>Build log was saved at "file://r:\GuessingGame\GuessingGame\Debug\BuildLog.htm"
1>GuessingGame - 2 error(s), 5 warning(s)
========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========
|
|
|
|
|
You could try removing the o from strcopy()
"Undefined" warnings mean what they say - the compiler doesn't know
how the symbol is defined.
Check the documentation for each undefined function and make sure you're
#including the header file containing the definition.
Mark
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
LOL ... <<huge BLUSH>> ... thanks for the 'o', Mark
|
|
|
|
|
hi all ,
i want to write a simple programm for cell phone ( Mobile ) programm application , for e.g. i want to unlock or remove password when a user forgot his password for his mobile . for this in visual c++ 2005 , is there help for me , how can i start to mobile programming like this i mention. my model mobile is samsung .
thanx for any help .
urs
mostafa
s_mostafa_h
|
|
|
|
|
I am trying to use a VB/DLL in a C++ application
when I '#import' the dll and call a function from it
the compiler gives the following error C2352:
"illegal call of non-static member function"
I seem to be going in the wrong direction can
someone turn me around and point me in the right direction?
some code snippets:
#import "AutoMove.dll"
.
.
.
MTAutoMover::_AutoMover::Put_EmployeeID();
.
.
Thanks for any help
|
|
|
|
|
The problem seems to be that you are not instantiating the variable before calling it's member function.
Without knowing the class or type, perhaps try something like:
MTAutoMover::_AutoMover in;
in.Put_EmployeeID();
Hope this helps.
|
|
|
|
|
Hi there,
I have an application that sends/ receives messages via sockets and logs all the messages for future inquiry. I need to check a particular message and count the number of message I received every day. SO I need a timer that resets everyday (say 00:00:00) and restart the timer.
I appreciate any ideas
Thanks,
|
|
|
|
|
In the logger, use a counter to count, and check if the day-value changes.
Maxwell Chen
|
|
|
|
|
Maybe use SetTimer() to create a periodic timer, set to an interval
appropriate for the accuracy you desire.
On each WM_TIMER message, use GetLocalTime() or GetSystemTime() to
check for the wall clock time you want to do the reset at.
Mark
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
Thanks for the tip, but as I am new in this area, I am not sure how to check for the time in my application. like if time (00:00:00 set counter to zero)...
Regards,
|
|
|
|
|
Mark Salsbery wrote: ...use GetLocalTime() or GetSystemTime()...
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
You can lead a horse to water but you can't make him fish
led mike
|
|
|
|
|
Mark Salsbery wrote: SetTimer() to create a periodic timer, set to an interval
appropriate for the accuracy you desire.
There would be the first thing to do for SetTimer solution: To precisely seed the timer right at the point at 00:00:00 (as in the OP mentioned). It takes effort.
Then another thing to concern: When the user or NTP service adjust the time (let's say 5 minutes fast, originally 19:28:02 --> new time 19:33:02), the next timeout event will be fired at 00:05:00, not the original configuration 00:00:00.
Maxwell Chen
|
|
|
|
|
Of course...It really didn't sound like it needed that kind of accuracy.
Checking once a minute for 00:00 might be sufficient. Or check every second
and catch the first midnight rollover.
Or it could sit in a busy loop monitoring the atomic clock
in Colorado.
I just threw the option out there
Cheers,
Mark
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
Türkçe-Ingilizce translator programini yazmaya gönüllüyüm ve sizden izin istiyorum. Güzel bisey görmek isteyenlere ve software sirketlerine duyrulur. Yok bana microsoft'un çalinti minicik kütüphanesiyle oynamak hosuma gidiyor diyenlere bi sözüm olamaz.
[Malum özürlüyüz]
modified on Tuesday, January 29, 2008 1:55:31 PM
|
|
|
|
|
In English, please!
Maxwell Chen
|
|
|
|
|
I can be willing in developing a translator (turkish-English) software. This is the permission from you, i want to do something superb. If you say with the stolen and tiny library of the microsoft to play becoming sufficient, you know.
|
|
|
|