hotnuma

https://jellevergeer.com/the-undocumented-istoplevelwindow-api/ https://stackoverflow.com/questions/16973995/whats-the-best-way-do-determine-if-an-hwnd-represents-a-top-level-window It seems to be something like : BOOL IsTopLevelWindow(HWND hWnd) { return (hWnd==GetAncestor(hWnd, GA_ROOT)); } https://docs.microsoft.com/en-us/windows/desktop/api/winuser/nf-winuser-getancestor

How they could drop 1/4 of their users, that's crazy. That company made billionaires and that's how they treat those who made them so rich. I hope they will pay for that someday.

Absolutely, very well said.

AFAIK, KernelEx is writen in C and C++ : https://sourceforge.net/p/kernelex/code/HEAD/tree/trunk/kexcrt/ https://sourceforge.net/p/kernelex/code/HEAD/tree/trunk/core/ That guy wanted to do a KernelEx for XP which is not something very easy, but he's not able to compile a trivial C program : And now he wants to write a driver...

Excellent. "The big bad security bogeyman"

See how they treated OpenBSD devs when they tried to port "the thing" : https://github.com/jasperla/openbsd-wip/issues/86 I think dog face and friends try to make money from open source projets and they get mad when anyone creates a fork from their stuff, because they don't get money from that fork.

It took seven messages in this thread to detect the FUD spread by a company that sells "security".

https://en.wikipedia.org/wiki/Vaporware I don't think there will be any kind of download.

https://rg3.github.io/youtube-dl/ It requires the Python interpreter (2.6, 2.7, or 3.2+), and it is not platform specific. It's a must-have, like ffmpeg or wget. Computing is like junk food nowadays but there's still a few very good programs and if an open source software is not compatible with you OS you have a chance to build it yourself and make it compatible again.

You need first to add the path of MinGW's bin directory to your PATH env variable. Then it's trivial : gcc -o tiny_impdef.exe tiny_impdef.c Then to generate a def file : tiny_impdef.exe regex2.dll Then you get the generated file :

That's so true. Most malware can be detected manually. There are also some advanced spying programs like project sauron that hide themselves using advanced methods. These are harder to detect manually but are not detected by antivirus anyway.

I use Python 3.4 under XP, but it should work with latest release from python.org : https://www.python.org/downloads/ ".py" files will be registered on the system and double clicking a ".py" files should run it. The samples I posted should work but you'll have to change hard coded paths of course.

You can list files this way in python : https://stackoverflow.com/questions/2212643/python-recursive-folder-read A simplest example : import sys, os fromdir = "D:\\DevBuild" for root, subs, files in os.walk(fromdir): for fname in files: fpath = os.path.join(root, fname) print(fpath) That simple program prints all file paths in the specified directory. To list the content of archives, a good way maybe to use the command line version of 7zip or bsdtar. A more advanced example : import sys, os, subprocess def archlist(fpath): cmd = "C:\\Programs\\Outils\\7-Zip\\7z.exe", "l", "-ba", fpath subproc = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE) out = subproc.communicate()[0].decode('windows-1252').strip().split('\r\n') for line in out: print(line) def dirlist(fromdir): for root, subs, files in os.walk(fromdir): for fname in files: fpath = os.path.join(root, fname) if fpath.endswith(".zip"): archlist(fpath) dirlist("D:\\DevBuild\\parse") This one runs 7z.exe from 7Zip, it redirects the output to a text buffer, and prints that buffet, so in my example, I get something like this : 2018-07-30 09:28:58 D.... 0 0 b 2018-07-30 09:28:53 ....A 0 0 b\a.txt 2018-07-30 08:38:22 ....A 266 121 b\a.zip 2018-07-30 09:29:08 D.... 0 0 b\c 2018-07-30 09:29:05 ....A 0 0 b\c\c.txt 2018-07-30 09:29:18 D.... 0 0 b\d 2018-07-30 09:29:14 ....A 0 0 b\d\d.txt The output of 7zip may not be really nice, for example it shows empty directories, a program like bsdtar gives cleaner output I think. It's possible to do the same in Qt, it would run probably faster. I really like Qt, it's fabulous, but it's harder to learn. So, that's a starting point.

All these are programs, so if you can detect unusual running processes, services, drivers, and also controlling scheduled task, startup programs, browser extensions, then you should be able to detect something wrong on your system.