AppCertDLLs do not work in GUI apps, why? - winapi

I was trying to automatically inject a dll to every process (including GUI) whenever it is started by a user . My DLL hooks DoDragDrop method of winapi and communicates with server to decide allow or disallow the drag & drop process. I use easyhook (particularly this tutorial) for hooking part. I created a gist for my code : Gist
In this url it says: Doesn’t work reliably against GUI applications. Stick to console apps. No wonder it didn't work in microsoft edge, and chrome.
I also tried code parts in these urls:
first
second
Finally , I already certificated my dll.
Is there any other way apart from appcertdlls? Thank you in advance.
Edit: I can't use appinitdlls, some users might have secure boot enabled.
Edit2: Seems like dlls in some tutorials is under system32 (this, and this) , and I moved mine under system32 too, but it did not
work.

PsSetLoadImageNotifyRoutine can be used, though it is a solution in kernel mode.

Related

Go back to previous application after exit?

I have a situation which would be easily solved if we were using android as originally designed (and partially coded). Unfortunately, we're going the MS C++ on Windows Enterprise route because of some vital legacy applications. Basically we're coding a launcher that needs to start an application and when that application is closed, the user is brought back to the previous application (the one that launched the 2nd application). I hope that makes sense.
I know this can be done because I vaguely recall an application I used in college for taking exams did something like this, but when I do a search all I get are android solutions. Any help or links to libraries to look at will be wonderful.
there are may ways here are 2 most obvious:
most easy and safe way is that launched application send message to launcher that it is closing
but you need to add code to that application
you can use windows messaging or mailbox or semaphores or whatever else.
launcher periodically checks if there is active window handle of the right class/type/GUID.
if not then pop up the restore/maximize or visibility and set focus to it self.
you need to know what class is that app of yours
of course if there are more apps of the same class/id/type/GUID this way you cannot know which one is which

How to register custom program to handle mailto protocol on Windows 7

OK, it might be a problem with my system but I'm having a very difficult time getting Windows 7 to recognize my custom exe as the default handler of the mailto protocol.
First, I've seen this:
Register Windows program with the mailto protocol programmatically
Next, I've seen these:
How to Register an Internet Browser or Email Client With the Windows Start Menu
Registering an Application to a URL Protocol
I've added what seemed the appropriate registry entries but I still get Windows Live Mail coming up every time I click a mailto link (whether in a browser or via the Run window). I've set the registry entries for all users and for the current user, still it doesn't work.
When I go to the 'default programs' app and scroll down to the mailto protocol, I only see Outlook and Windows Live Mail listed. My custom app doesn't even appear.
I figure that it's either something special with Windows 7 or it's something with my computer.
My custom app is a WinForms .Net app but I don't think that matters.
Any ideas are greatly welcome.
The way described in the answer which you referenced in your question seems correct way for Windows 7 as for other operation systems.
I suppose that you use 64-bit version of Windows 7 and your program is 32-bit application. So if your application write in the HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mailto\shell\open\command key it modifies only the key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\mailto\shell\open\command used for 32-bit applications. You can read more about registry virtualisation here and here.
If it's your case you can call directly native Win32 API RegOpenKeyEx with the KEY_WOW64_64KEY flag which will be ignored on 32-bit operation system.
Though a pretty late answer, what worked out for me is this: On regedit, this supersedes the registry keys mentioned in other answers:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\URLAssociations\MAILTO\Userchoice
Have a look at this page:
Default Mailto Registry
How can I add a custom url handler on Windows. Like iTunes itms:// Related but not.
This seems like a very high-nerd-level context to a fairly common problem. As a nerd, I'm swept up by the discourse on 64 vs x86 and the pseudo-universal binary aspects of .net. But the tech support troubleshooter in me can't help but think that the core problem needs to be made plain and addressed systematically...
So your real problem, regardless of the mail client (as you said yourself), and regardless of your CPU, is that you can't get your mail client to be the default protocol handler for mailto. Or to make it really simple, you can't get the program you like to be the default program.
I'm inclined to think that the 64/86 aspects of the problem are not relevant. They are interesting, and possibly having some effect, but if the program is running just fine (no issues with the code in that architecture, etc), and if it does email just fine (emails get send and received, all SMTP and IMAP all the way), then I doubt the OS is plotting to keep the client from taking over as the leader of the porch dogs.
If anything, I would say that the client had self-esteem issues and is afraid to be the mailto protocol handler. Most clients can't resist asking if the should be the primary and if you say yes, they pass the word along to the other apps and to the registry. They make sure everyone knows they are the new Mailbox king in the house.
So, what I would try first (basic troubleshooting): install another mail client and see if it has the same issue. If it does, your OS is a bully and you'll want to explore such routes.
But if this other client can get into the default programs club and be made the mailto handler, then the problem is with your app. It's a big wimp that doesn't know how to properly assert himself.
But like so many underdogs waiting for a cool kid to take them under their wing (and by wing, I mean Thunderbird. Don't bother with any other client), your app can stand on the shoulders of the working third-party client.
We have to assume that Thunderbird did at least one and possibly two things that your app didn't do. The first was getting it's name tied to the protocol in the registry. Go poke around and see if you can find his name and how it's associated to the mailto protocol. Chances are good that you can swap out his name for yours, or at the very least try to pin the protocol to you as well.
The second thing that T-Bird may have done was get himself in the "Default Programs" list (a feature of 7 that I didn't really like, because it had a cool concept behind it -- ie, let's group apps together up front rather than wait and see every time if one of them can do a similar job. But Windows screwed that good time (big surprise) by acting like the overprotective parent it always is, and showing up at the kids' party and saying "I think these two should be in this group, don't you?"
Well, my hope is that by getting access to the mailto by borrowing it from Thunderbird, that you'll be welcomed into the default programs club, but if you aren't and you are still the mailto handler, I'd write it off, at least gloat about it for a week or two, before trying to tackle that issue.
Now, if Thunderbird can't get mailto control, I'm very inclined to think that Windows 7 as actually put in to place some sort of strange caste system, where the application and it's installer (eg user) must some how prove their worthiness to be in the group by figuring out what the big secret is.
Oh, and if all else fails, try restarting in Safe Mode with no networking, install your client in that environment, and starting it up. See if you can't make it the default while the others are in suspended animation. Do a test run (with no network, obviously) by writing a basic HTML page with a mailto and see if clicking on it opens your client.
THen cross your fingers when you start back up in normal mode.
Let me know if any of the above proved the least bit helpful.

3rd Party Component brings down the IDE. How do I prevent this?

I am having to use a 3rd party ActiveX DLL in my VB6 application. However, now that I've included the DLL in the references and used it in code, every time I quit my app, it also quits VB6.
I don't see anything in the logs or event viewer that would suggest why this is happening.
Is there anyway to prevent this?
Btw, I have contacted the vendor, but they are focused on their .NET products, it seems.
You may not be using the component correctly by missing specific initialization or termination calls, which has the affect of bringing down VBIDE. This usually happens when the third-party component or your application make Win32 calls.
I have had a few applications that I ran them through the debugger, they always terminated VBIDE. Yet, running the Release or Debug versions normally, resulted in the applications working just fine.
Try switching DEP off for VB6.exe only or altogether.
Also, this might be a license checking issue i.e. registry permissions -- try running VB6 IDE as Administrator (right click->Run as Admin)
I'm not a VB6 programmer by trade. I just mess around with the stuff. I have heard of this scenario referred to as sub-classing. Run a search on pscode.com. They have code and tutorial examples about how to prevent it. Good luck.
Ouch. I feel your pain.
Can you switch to a .Net component, and use it from VB6 via interop? I.e. write a COM-visible wrapper in VB.Net?
Just to close this question out... After spending significant time trying various things I ended up writing code that unloaded the control, paused for 5 seconds and then quit app. That seemed to do the trick.

Vb6 application works in the IDE but the executable crashes

I have a little problem with visual basic 6 project. Everything works fine in the IDE
but the executable crashes every time, when I run the application. The application uses callbacks to communicate with a C++ dll. Even code as simple as showing a message box fails when the callback starts.
I changed the compilation mode to P-Code and still the problem persist.
Any help would be appreciate.
Thank you all
This sounds like the callbacks may be occurring on a different thread than your application is executing on. [EDIT: As I see Jim has already suggested.] If that's the case, yeah, kaboom just as soon as you "touch" anything OLE related or call into the runtime. Same story as with multimedia timer callbacks, fwiw, and I'd suspect you'll have to take the same precautions as one would with those if this is the case.
The short story with different thread callbacks is that you'll need to post a message to yourself, using PostMessage declared in a typelib so that the Err object isn't set by VB, then let the callback return. You do your own processing on receipt of the posted message. Here's the typelib I used for this with the CCRP Timers library:
http://vb.mvps.org/tools/files/postmessage.zip
Hope that helps...
Who's calling back to whom? Show us a little code.
The IDE can mask real problems, so just being able to run there is no guarantee that what you're doing is supported.
One common problem with callbacks is that VB6's runtime is not thread-safe, so if another thread is calling back into your VB code, you can't do anything that will invoke the runtime -- like access strings or objects.
There are ways around some of these issues, but I think we need to know more first.
Is the code being run from the same location as the IDE? Likely it is a reference problem, and you need to re-register the DLL.
A deployment package should make sure you have everything installed.
A few questions:
Is the executable on the same PC as it was developed, or a different one?
Does the file use a manifest file? If so, does mainfest call XP themes?
Also, if using manifest, does manifest use SXS for OCX files?

Scripting a GUI from within a Windows Service?

I would like to automate a windows app that comes only with as a GUI app (no support for command-line). The automation itself is relatively straightforward with AutoIt.
Yet, I am wondering, is-it possible to launch the Windows App from with a windows service (that would simply call the AutoIt script)?
Even if Auto-it can work with UAC, you will most likely run into Session Isolation troubles - i.e services and desktop don't mix and send messages to each other, unless explicitely coded to pass through it.
So it's possible, but it's not a piece of cake either.
You probably want to look at : Launching a .Net winforms application interactively from a service
While not at all advised because of complications associated with Session 0 isolation in the latest versions of Windows, AutoIt scripts can certainly be invoked from a Windows Service. Please see this page for a few sample scripts that work as expected when called from a Windows Service.
Unfortunately though, not all of the AutoIt functions seem to work in Session 0. We ran into trouble with the "Win*" routines (WinActivate, WinExists) so you should probably avoid those if you can. And since the documentation does not highlight the problematic functions be sure test thoroughly!

Resources