C++/Win Intercept FlashWindow

7 comments, last by Amrazek 14 years, 2 months ago
Hello, I am trying to "hook" the FlashWindow API function. I found the following code (that I don't fully understand...):

/*
CallbackFunction is the replacement function
TargetFunctionPtr is the original function
*/

HMODULE hmodCaller = GetModuleHandle(0);

PROC* AdressOfFunc = NULL;

TargetFunctionPtr = GetProcAddress(GetModuleHandle(L"User32.dll"), "FlashWindow");

ULONG ulSize;
PIMAGE_IMPORT_DESCRIPTOR pImportDesc = (PIMAGE_IMPORT_DESCRIPTOR)ImageDirectoryEntryToDataEx(hmodCaller, TRUE, IMAGE_DIRECTORY_ENTRY_IMPORT, &ulSize, NULL); 

if (pImportDesc == NULL)
{
	return false;
}

for (; pImportDesc->Name; pImportDesc++)
{
	PSTR pszModName = (PSTR)((PBYTE) hmodCaller + pImportDesc->Name);

	if (lstrcmpiA(pszModName, moduleNameA) == 0)
	{
		break;
	}
}

if (pImportDesc->Name == 0)
{
	return false;
}

PIMAGE_THUNK_DATA pThunk = (PIMAGE_THUNK_DATA) ((PBYTE) hmodCaller + pImportDesc->FirstThunk);

for (; pThunk->u1.Function; pThunk++)
{
	PROC* ppfn = (PROC*) &pThunk->u1.Function;

	if (*ppfn == TargetFunctionPtr)
	{
		AdressOfFunc = ppfn;
		break;
	}
}

bool ret = false;

if (AdressOfFunc != NULL)
{
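	DWORD dwOld, dw;
	// An IAT slot is pointer-sized (8 bytes in a 64-bit process), so use sizeof(PROC), not 4.
	// Write only if the protection change succeeded, then restore the old protection.
	if (VirtualProtect(AdressOfFunc, sizeof(PROC), PAGE_EXECUTE_READWRITE, &dwOld))
	{
		*AdressOfFunc = (PROC) CallbackFunction;
		ret = true;
		VirtualProtect(AdressOfFunc, sizeof(PROC), dwOld, &dw);
	}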
}

return ret;

This code works perfectly for FlashWindowEx, but FlashWindow can't be found in the for (; pThunk->u1.Function; pThunk++) loop. Also, this loop enumerates about 100 functions; I guess this is quite few for "User32.dll". Any idea why this works with one and not the other? Thanks, K.
That code goes through the EXE file and looks at each of the functions it imports. The reason it doesn't work is that the EXE doesn't use FlashWindow (Which makes sense if it uses FlashWindowEx instead).
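The diagnosis in the reply above can be checked without running the target program. The following is an added example, not code from the thread: portable C that parses a PE file's import directory and reports whether a function is imported by name from a given DLL. The names `pe_imports` and `build_sample` and the embedded sample image are constructed for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bounds-checked little-endian view of a PE file held in memory. */
typedef struct { const uint8_t *p; size_t n; int bad; } Img;

static uint64_t rd(Img *m, size_t off, int w) {
    uint64_t v = 0;
    if (off > m->n || (size_t)w > m->n - off) { m->bad = 1; return 0; }
    for (int i = 0; i < w; i++) v |= (uint64_t)m->p[off + i] << (8 * i);
    return v;
}

/* Map an RVA to a file offset through the section table. */
static size_t rva2off(Img *m, uint32_t rva) {
    size_t pe = (size_t)rd(m, 0x3C, 4);
    unsigned nsec = (unsigned)rd(m, pe + 6, 2);
    size_t sec = pe + 24 + (size_t)rd(m, pe + 20, 2);
    for (unsigned i = 0; i < nsec && !m->bad; i++, sec += 40) {
        uint32_t va = (uint32_t)rd(m, sec + 12, 4);             /* VirtualAddress */
        uint32_t rsz = (uint32_t)rd(m, sec + 16, 4), raw = (uint32_t)rd(m, sec + 20, 4);
        if (!m->bad && rva >= va && rva - va < rsz) return (size_t)raw + (rva - va);
    }
    m->bad = 1;
    return 0;
}

/* Compare the NUL-terminated string at file offset off with want. */
static int name_eq(Img *m, size_t off, const char *want, int fold) {
    for (;; off++, want++) {
        int a = (int)rd(m, off, 1), b = (unsigned char)*want;
        if (m->bad) return 0;
        if (fold) { a = tolower(a); b = tolower(b); }
        if (a != b) return 0;
        if (a == 0) return 1;
    }
}

/* 1: func is imported by name from dll; 0: it is not; -1: malformed or truncated image. */
int pe_imports(const uint8_t *buf, size_t len, const char *dll, const char *func) {
    Img m = { buf, len, 0 };
    if (rd(&m, 0, 2) != 0x5A4D) return -1;                 /* "MZ" */
    size_t pe = (size_t)rd(&m, 0x3C, 4);
    if (rd(&m, pe, 4) != 0x4550) return -1;                /* "PE\0\0" */
    uint64_t magic = rd(&m, pe + 24, 2);
    if (magic != 0x10B && magic != 0x20B) return -1;       /* PE32 or PE32+ */
    int w = magic == 0x20B ? 8 : 4;                        /* thunk width in bytes */
    uint32_t imp = (uint32_t)rd(&m, pe + 24 + (w == 8 ? 112 : 96) + 8, 4);
    if (m.bad) return -1;
    if (imp == 0) return 0;                                /* no import directory */
    for (size_t d = rva2off(&m, imp); !m.bad; d += 20) {   /* IMAGE_IMPORT_DESCRIPTOR */
        uint32_t oft = (uint32_t)rd(&m, d, 4), name = (uint32_t)rd(&m, d + 12, 4);
        uint32_t ft = (uint32_t)rd(&m, d + 16, 4);
        if (m.bad) break;
        if (name == 0) return 0;                           /* terminator: not found */
        if (!name_eq(&m, rva2off(&m, name), dll, 1)) continue;
        /* Prefer the lookup table; the on-disk IAT is a copy unless the image is bound. */
        for (size_t t = rva2off(&m, oft ? oft : ft); ; t += (size_t)w) {
            uint64_t e = rd(&m, t, w);
            if (m.bad) return -1;
            if (e == 0) break;
            if (e >> (w * 8 - 1)) continue;                /* imported by ordinal */
            if (name_eq(&m, rva2off(&m, (uint32_t)e) + 2, func, 0)) return 1;
        }
    }
    return m.bad ? -1 : 0;
}

static void put(uint8_t *b, size_t off, uint32_t v, int w) { while (w--) { b[off++] = (uint8_t)v; v >>= 8; } }

/* Constructed sample: a minimal PE32 image (0x400 bytes) whose only import
   descriptor is USER32.dll with FlashWindowEx and MessageBoxW. */
size_t build_sample(uint8_t *b) {
    memset(b, 0, 0x400);
    put(b, 0x00, 0x5A4D, 2); put(b, 0x3C, 0x40, 4); put(b, 0x40, 0x4550, 4);
    put(b, 0x44, 0x14C, 2);  put(b, 0x46, 1, 2);           /* i386, one section */
    put(b, 0x54, 224, 2);    put(b, 0x58, 0x10B, 2);       /* optional header size, PE32 magic */
    put(b, 0xC0, 0x1000, 4); put(b, 0xC4, 40, 4);          /* import directory RVA, size */
    put(b, 0x140, 0x200, 4); put(b, 0x144, 0x1000, 4);     /* VirtualSize, VirtualAddress */
    put(b, 0x148, 0x200, 4); put(b, 0x14C, 0x200, 4);      /* SizeOfRawData, PointerToRawData */
    uint8_t *s = b + 0x200;                                /* section data, RVA 0x1000 */
    put(s, 0x00, 0x1040, 4); put(s, 0x0C, 0x1080, 4); put(s, 0x10, 0x1060, 4);
    put(s, 0x40, 0x1090, 4); put(s, 0x44, 0x10A0, 4);      /* import lookup table */
    put(s, 0x60, 0x1090, 4); put(s, 0x64, 0x10A0, 4);      /* IAT, same content on disk */
    memcpy(s + 0x80, "USER32.dll", 11);
    memcpy(s + 0x92, "FlashWindowEx", 14); memcpy(s + 0xA2, "MessageBoxW", 12);
    return 0x400;
}

int main(void) {
    uint8_t img[0x400];
    size_t n = build_sample(img);
    printf("FlashWindowEx: %d, FlashWindow: %d\n", pe_imports(img, n, "user32.dll", "FlashWindowEx"),
           pe_imports(img, n, "user32.dll", "FlashWindow"));
    return 0;
}
```

A result of 0 only means the EXE's own import directory has no such entry; as the later replies note, calls resolved through GetProcAddress never appear in it.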
OK makes sense.
In that case, I guess I can't intercept any other FlashWindow call from other applications (I mean system-wide)?
I thought this was the way to do it.
Am I on the right way?
I've seen a lot of mini-apps that can detect this particular event, so I *think* it is not so hard to do, but I'm lost here...
Take a look at This. With that method, you put the code in a DLL and then inject that DLL into every process on the system by installing a global window hook. In the DLL_PROCESS_ATTACH notification, you hook the FlashWindow and/or FlashWindowEx calls to do what you like.
OK thanks for helping.

My tests are (nearly) working with MSN.
It (MSN) crashes sometimes, when my FlashWindow replacement function is called (in fact, when the original function is called after I did my own stuff), I can't be sure why ...

But I can't have Skype to be hooked too.
Every Skype EXE (Skype.exe, skypePM.exe, SkypeNames.exe) is seen but none seems to import FlashWindow/Ex.

Any idea?
I read that programs calling a proc via GetProcAddress would not be hooked with this style of hooking, is it true?

Again, I've seen a lot of software doing it, most of them are free, I'm surprised this is so undocumented on the web.
Maybe I don't know what to search for...

Quote:Original post by Kiristu
OK thanks for helping.

My tests are (nearly) working with MSN.
It (MSN) crashes sometimes, when my FlashWindow replacement function is called (in fact, when the original function is called after I did my own stuff), I can't be sure why ...
What is the exact error you get? Are you running MSN through Visual Studio? (If not, you probably should be so you can get useful debug info)

Quote:Original post by Kiristu
But I can't have Skype to be hooked too.
Every Skype EXE (Skype.exe, skypePM.exe, SkypeNames.exe) is seen but none seems to import FlashWindow/Ex.
Skype uses some interesting methods to get around API hooking, making this method useless, yes.

Quote:Original post by Kiristu
I read that programs calling a proc via GetProcAddress would not be hooked with this style of hooking, is it true?
Yes, that's true. You can get around it by hooking GetProcAddress() and returning your dummy function if you detect they're trying to get the address of FlashWindow or FlashWindowEx.

Quote:Original post by Kiristu
Again, I've seen a lot of software doing it, most of them are free, I'm surprised this is so undocumented on the web.
Maybe I don't know what to search for...
Probably because this sort of thing is usually used by hackers for hooking programs to do other things.
Quote:Original post by Evil Steve
What is the exact error you get? Are you running MSN through Visual Studio? (If not, you probably should be so you can get useful debug info)

No, I'm running my app in VC++ Express, and since the faulty code is in a DLL, I could not really inspect execution.
However, my debug logs indicate that the problem occurs when I call the original function in my replacement function (I just want to know when the FlashWindow occurs to notice it in my app).
MSN just crashes with an MS error specifying that the program stopped running.
I did some modifs and it seems to have disappeared. But I don't really understand why ... I'll try to investigate that.
Quote:Original post by Evil Steve
Skype uses some interesting methods to get around API hooking, making this method useless, yes.

OK, then it's not my code :).
However, do you have any idea of another method to do that?
For example, a free taskbar extension I'm using called "multimon" (http://www.mediachance.com/free/multimon.htm) is able to flash MSN as Skype, even if the Skype icon is not present in the Windows taskbar (I've also read guys trying to intercept redraw on it to know when the flash occurs ... that can't be the solution here).
Quote:Original post by Evil Steve
Yes, that's true. You can get around it by hooking GetProcAddress() and returning your dummy function if you detect they're trying to get the address of FlashWindow or FlashWindowEx.

What's the intention? I don't quite understand why a soft would have to prevent this. Except for boring the poor programmers like me who want to do that :).
Quote:Original post by Evil Steve
Probably because this sort of thing is usually used by hackers for hooking programs to do other things.

Understood. I don't want my software to be too "invasive" or detected as a kind of malware. It's a shame that the flash is not a message like it should have been.
About MSN crashing, here are the logs that it would send to MS (don't know if it contains useful info):

WERC5DF.tmp.WERInternalMetadata.xml
  <?xml version="1.0" encoding="UTF-16" ?> - <WERReportMetadata>- <OSVersionInformation>  <WindowsNTVersion>6.1</WindowsNTVersion>   <Build>7600</Build>   <Product>(0x30): Windows 7 Professional</Product>   <Edition>Professional</Edition>   <BuildString>7600.16385.amd64fre.win7_rtm.090713-1255</BuildString>   <Revision>1</Revision>   <Flavor>Multiprocessor Free</Flavor>   <Architecture>X64</Architecture>   <LCID>1036</LCID>   </OSVersionInformation>- <ProblemSignatures>  <EventType>APPCRASH</EventType>   <Parameter0>msnmsgr.exe</Parameter0>   <Parameter1>14.0.8089.726</Parameter1>   <Parameter2>4a6ce533</Parameter2>   <Parameter3>MSVCR90D.dll</Parameter3>   <Parameter4>9.0.30729.1</Parameter4>   <Parameter5>488ef6c7</Parameter5>   <Parameter6>c0000005</Parameter6>   <Parameter7>0006f8bc</Parameter7>   </ProblemSignatures>- <DynamicSignatures>  <Parameter1>6.1.7600.2.0.0.256.48</Parameter1>   <Parameter2>1036</Parameter2>   <Parameter22>0a9e</Parameter22>   <Parameter23>0a9e372d3b4ad19135b953a78882e789</Parameter23>   <Parameter24>0a9e</Parameter24>   <Parameter25>0a9e372d3b4ad19135b953a78882e789</Parameter25>   </DynamicSignatures>- <SystemInformation>  <MID>CBE6D936-BAA2-4F6D-B579-A77381EF134D</MID>   <SystemManufacturer>System manufacturer</SystemManufacturer>   <SystemProductName>System Product Name</SystemProductName>   <BIOSVersion>0610</BIOSVersion>   </SystemInformation>  </WERReportMetadata>


Video 9 VCM" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Windows Media Video 9 VCM" FILE_VERSION="9.0.1.1184" ORIGINAL_FILENAME="wmv9vcm" INTERNAL_NAME="wmv9vcm" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x3" MODULE_TYPE="WIN32" PE_CHECKSUM="0x18619E" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="9.0.1.1184" UPTO_BIN_PRODUCT_VERSION="9.0.1.1184" LINK_DATE="08/25/2005 19:14:44" UPTO_LINK_DATE="08/25/2005 19:14:44" EXPORT_NAME="wmv9vcm32.dll" VER_LANGUAGE="Anglais (États-Unis) [0x409]" EXE_WRAPPER="0x0" FILE_ID="00006d5bdf0a7bbbdf3740b5c3d81117ab05157c2c19" PROGRAM_ID="0000f503a32e4a28e7b10e22a4a597ac11ff0000ffff" /></EXE><EXE NAME="MSVCR90D.dll" FILTER="CMI_FILTER_THISFILEONLY">    <MATCHING_FILE NAME="msvcr90d.dll" SIZE="1180672" CHECKSUM="0xE8625836" BIN_FILE_VERSION="9.0.30729.1" BIN_PRODUCT_VERSION="9.0.30729.1" PRODUCT_VERSION="9.00.30729.1" FILE_DESCRIPTION="Microsoft® C Runtime Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Visual Studio® 2008" FILE_VERSION="9.00.30729.1" ORIGINAL_FILENAME="MSVCR90D.DLL" INTERNAL_NAME="MSVCR90D.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation.  All rights reserved." 
VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x123D7E" LINKER_VERSION="0x90000" UPTO_BIN_FILE_VERSION="9.0.30729.1" UPTO_BIN_PRODUCT_VERSION="9.0.30729.1" LINK_DATE="07/29/2008 10:53:59" UPTO_LINK_DATE="07/29/2008 10:53:59" EXPORT_NAME="MSVCR90D.dll" VER_LANGUAGE="Anglais (États-Unis) [0x409]" EXE_WRAPPER="0x0" /></EXE><EXE NAME="kernel32.dll" FILTER="CMI_FILTER_THISFILEONLY">    <MATCHING_FILE NAME="kernel32.dll" SIZE="836608" CHECKSUM="0xC7CF9264" BIN_FILE_VERSION="6.1.7600.16385" BIN_PRODUCT_VERSION="6.1.7600.16385" PRODUCT_VERSION="6.1.7600.16385" FILE_DESCRIPTION="DLL du client API BASE Windows NT" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Système d’exploitation Microsoft® Windows®" FILE_VERSION="6.1.7600.16385 (win7_rtm.090713-1255)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. Tous droits réservés." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xD900E" LINKER_VERSION="0x60001" UPTO_BIN_FILE_VERSION="6.1.7600.16385" UPTO_BIN_PRODUCT_VERSION="6.1.7600.16385" LINK_DATE="07/14/2009 01:14:06" UPTO_LINK_DATE="07/14/2009 01:14:06" EXPORT_NAME="KERNEL32.dll" VER_LANGUAGE="Français (France) [0x40c]" EXE_WRAPPER="0x0" FILE_ID="00008adee2374743f876efca279bd2bdb8e56594f46d" PROGRAM_ID="0000f519feec486de87ed73cb92d3cac802400000000" /></EXE></DATABASE>


and WER64AF.tmp.mdmp which is a hex file.

There's a library from Microsoft called Microsoft Detours that makes things like this considerably easier. Assuming you get your DLL into the target process, you could do this:
#include <windows.h>
#include <detours.h>

// hooked functions
BOOL WINAPI FlashWindow_Hook(HWND, BOOL);
BOOL WINAPI FlashWindowEx_Hook(PFLASHWINFO);

static BOOL (WINAPI* Real_FlashWindow)(HWND, BOOL) = FlashWindow;		// Target pointer for the real call
static BOOL (WINAPI* Real_FlashWindowEx)(PFLASHWINFO) = FlashWindowEx;	// same as above

BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
	UNREFERENCED_PARAMETER(lpReserved);

	switch (ul_reason_for_call) {
		case DLL_PROCESS_ATTACH:
			DisableThreadLibraryCalls(hModule);

			DetourTransactionBegin();
			DetourUpdateThread(GetCurrentThread());

			// Hook FlashWindow
			DetourAttach(&(PVOID&)Real_FlashWindow, FlashWindow_Hook);

			// Hook FlashWindowEx
			DetourAttach(&(PVOID&)Real_FlashWindowEx, FlashWindowEx_Hook);

			DetourTransactionCommit();
			break;

		case DLL_PROCESS_DETACH:
			// remove hooks now
			DetourTransactionBegin();
			DetourUpdateThread(GetCurrentThread());

			DetourDetach(&(PVOID&)Real_FlashWindow, FlashWindow_Hook);
			DetourDetach(&(PVOID&)Real_FlashWindowEx, FlashWindowEx_Hook);

			DetourTransactionCommit();
			break;
	}

	return TRUE;
}

// MessageBoxA is used because the string literals are narrow; this also builds with UNICODE defined
BOOL WINAPI FlashWindow_Hook(HWND hwnd, BOOL b) {
	MessageBoxA(0, "Intercepted FlashWindow", "Hook", 0);
	return Real_FlashWindow(hwnd, b);	// forward to the original function
}

BOOL WINAPI FlashWindowEx_Hook(PFLASHWINFO pfwi) {
	MessageBoxA(0, "Intercepted FlashWindowEx", "Hook", 0);
	return Real_FlashWindowEx(pfwi);	// forward to the original function
}

(Note: Above used Detours 2.1 express). It's quite a powerful library.
If I put my 2 cents in and get a penny for my thoughts, where does my other penny go?
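
A defender's view of the hook above, as an added example that is not part of the original post or of Detours: Detours-style hooks overwrite the start of the target function with a jump, so comparing the in-memory prologue with the same bytes from the DLL on disk reveals them. The byte arrays, addresses and all names here are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Half-open address range [base, base + size) of the module that owns the function.
struct ModuleRange {
    uint64_t base, size;
    bool contains(uint64_t a) const { return a >= base && a - base < size; }
};

enum Verdict { CLEAN, MODIFIED, REDIRECTED };

// Decode a leading "jmp rel32" (opcode E9) located at addr; true if one is present.
bool decodeJmpRel32(const uint8_t* code, size_t len, uint64_t addr, uint64_t* target) {
    if (len < 5 || code[0] != 0xE9) return false;
    uint32_t u = code[1] | (code[2] << 8) | (code[3] << 16) | ((uint32_t)code[4] << 24);
    int32_t rel = static_cast<int32_t>(u);            // rel32 is signed, little-endian
    *target = addr + 5 + static_cast<int64_t>(rel);   // relative to the next instruction
    return true;
}

// live: bytes read from process memory; disk: the same bytes from the DLL file.
Verdict checkPrologue(const uint8_t* live, const uint8_t* disk, size_t len,
                      uint64_t addr, const ModuleRange& owner) {
    if (std::memcmp(live, disk, len) == 0) return CLEAN;
    uint64_t target = 0;
    if (decodeJmpRel32(live, len, addr, &target) && !owner.contains(target))
        return REDIRECTED;                            // control leaves the owning module
    return MODIFIED;                                  // changed, but not an outbound jmp
}

// Constructed sample data (not taken from a real user32.dll).
const ModuleRange kOwner = {0x7FF800000000ULL, 0x100000ULL};
const uint64_t kFuncAddr = 0x7FF800001000ULL;
const uint8_t kDisk[6]     = {0x48, 0x89, 0x5C, 0x24, 0x08, 0x57};
const uint8_t kHooked[6]   = {0xE9, 0x00, 0x00, 0x00, 0x10, 0x57}; // jmp +0x10000000
const uint8_t kInternal[6] = {0xE9, 0xFB, 0xEF, 0xFF, 0xFF, 0x57}; // jmp to module base

int main() {
    std::printf("unmodified: %d\n", checkPrologue(kDisk, kDisk, 6, kFuncAddr, kOwner));
    std::printf("hooked:     %d\n", checkPrologue(kHooked, kDisk, 6, kFuncAddr, kOwner));
    std::printf("internal:   %d\n", checkPrologue(kInternal, kDisk, 6, kFuncAddr, kOwner));
    return 0;
}
```

Security products and compatibility shims also patch prologues, so a REDIRECTED result is a lead: the next step is to identify which module owns the jump target.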
