According to the MSDN documentation for SetFocus()[^] you can only set the focus to a window that is attached to your own message queue. Just say 'NO' to evaluated arguments for diadic functions! Ash

1. I think the compiler writers are allowed to decide what their default option will be. 2. Padding of short items allows the compiler to take advantage of processor hardware. In some cases the system is more efficient if words, double words etc are aligned on even boundaries. It's time for a new signature.

Take a look at this article[^], you are not the first person to struggle with this. It's time for a new signature.

SYSTEM is a user in the Windows system that has a different set of privileges than the interactive user. This name of the user does not mean it only runs system processes. For example, most of the services that you create are run in the SYSTEM user context. «_Superman_» I love work. It gives me something to do between weekends. Microsoft MVP (Visual C++)

As I understand it, you want to include in your executable, a number of Datablocks which you want to use as prototype executable files, to be called by your process. This can be done, and I've done it. If that's what you want, it also requires No ASM Code to implement! :) Bram van Kampen

Amen :) Bram van Kampen

Actually what you want to achieve? First thing, you can modify, but which tool you are using hexeditor? If you want to get the Load address which is entry point of the PE. then you can get that. HMODULE hModDLL = LoadLibraryEx( "path\name.exe", NULL, DONT_RESOLVE_DLL_REFERENCES ); Величие не Бога может быть недооценена.

thank you ... I guessed so ;) Thank you masters!

If an API is not a tool, then please tell us what it is? :rolleyes: "Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown "Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons

This board is for programming queries specific to C/C++/MFC. It is a crappy thing, but it's life -^ Carlo Pallini

Jusef Marzbany wrote: But I actually meant to know if there's anyway to write a DLL or something and force windows explorer to load and run it when OS starts. With a DLL, not directly. You'd need to use Rundll32.exe to get it going. If you already had an EXE, then yes. In either case, the registry would be involved. "Old age is like a bank account. You withdraw later in life what you have deposited along the way." - Unknown "Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons

DLL injection it's my pleasure to make friend with you.

You are probably right. If you want to have EVERYONE permission, you need to create new security descriptor. NULL says that the default ACL is used, i.e. only the user or someone with higher privileges (administrator for example) can change the file. Try this: SECURITY_ATTRIBUTES m_pSecAttrib; SECURITY_DESCRIPTOR* m_pSecDesc; m_pSecDesc = (SECURITY_DESCRIPTOR*)LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); InitializeSecurityDescriptor(m_pSecDesc, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(m_pSecDesc,TRUE,(PACL)NULL,FALSE)) m_pSecAttrib.nLength = sizeof(SECURITY_ATTRIBUTES); m_pSecAttrib.bInheritHandle = TRUE; m_pSecAttrib.lpSecurityDescriptor = m_pSecDesc; It should create security descriptor with EVERYONE permission. Instead of NULL, send &m_pSecAttrib. Hope I helped.

Just search on google man :) clue:- INetConnectionManager in vc++ More clue:- u need three interface to do that INetConnection* pConnect INetConnectionManager* pMgr IEnumNetConnection* pEnum Using pMgr->EnumConnections( NCME_DEFAULT, &pEnum ) get all the connection Loop it and check whether "Local Area Connection" or what ever connection you want to check and call pConnect->Disconnect() to disconnect your NIC. Величие не Бога может быть недооценена. modified on Friday, August 7, 2009 12:20 AM

Does seem like that. For a good test, open a command prompt & ping microsoft i.e "ping www.microsoft.com" It should resolve to something like: 65.55.12.2491 - when I was affected by something last week, all addresses involving microsoft and many anti-virus vendors were being resolved to 127.0.0.1 I got around this by doing a dns lookup on www.microsoft.com, then substituting that ip for any part of the url that was www.microsoft.com (Same with avg and avira, etc) e.g I want www.microsft.com/downloads/somefile.zip www.microsoft.com is being resolved to my loopback address, so I insert the ip that this should resolve to into the address bar --> 65.55.12.2491/downloads/somefile.zip The problem lay in a registry key contained within HKLM/Software/Microsoft/Windows NT/CurrentVersion/Winlogon it was UIShell, or something like that. (it was NOT UIHost, that is a neccessary entry) The key points to an executable file that is run on start-up and proceeds to hide itself from directory searches, as well as hiding the registry key needed to remove it! The solution? Use a program that uses direct registry access - The registry keys can't be hidden then since we're not using the wnidows api Registry calls that the virus has already hooked. You should have a look for GMER - that's all I needed to access and repair the registry (make sure you get a new version from the author's website). Oh, and btw - it wasn't conficker, dunno what it was - AVG reckons that the file is clean :mad:

Is this helpful - Waiting until the dialog box is displayed before doing something.[^] You can easly modify that for your control. Regards, Jijo. _____________________________________________________ http://weseetips.com[^] Visual C++ tips and tricks. Updated daily.