Administrator rights
Administrator rights
hello madshi, I've read all topics but not found about this problem.
Does madCodeHook work well if it is runned in user account ???
My program works very well in Administrator account, but can't run in user account.
Even the Appsniff of zamolx32 : viewtopic.php?t=90&postdays=0&postorder=asc&start=60
is too.
How can I solve this problem ??
Thank you madshi
Does madCodeHook work well if it is runned in user account ???
My program works very well in Administrator account, but can't run in user account.
Even the Appsniff of zamolx32 : viewtopic.php?t=90&postdays=0&postorder=asc&start=60
is too.
How can I solve this problem ??
Thank you madshi
If you have no admin rights, you can't use InjectLibrary. You can either ask your friend to install the injection service for you. Or you can try to find an alternative solution to InjectLibrary. E.g. you could misuse SetWindowsHookEx for injection. That will inject your dll into all GUI processes of the current user. It will not inject your dll into non-GUI processes and it will also not work for system processes and services and for processes of other users.
hi madshi,
The situation is :
One day, I go to the Internet cafe and using a public computer with user account. I wish to check if this computer was infected by a Keylogger.
If my program can't use API Hook. How can I detect which program using SetWindowsHookEx API ???
There is a example of a program :
http://www.antispy.biz/downloads/inst_antispy.exe
Personal Anti Keylogger works well even running in user mode. That program is not create any service too.
The scanning result of it is programs which are using keyboard hook.
What can I do if I don't use API Hook ??
Thank you madshi.
The situation is :
One day, I go to the Internet cafe and using a public computer with user account. I wish to check if this computer was infected by a Keylogger.
If my program can't use API Hook. How can I detect which program using SetWindowsHookEx API ???
There is a example of a program :
http://www.antispy.biz/downloads/inst_antispy.exe
Personal Anti Keylogger works well even running in user mode. That program is not create any service too.
The scanning result of it is programs which are using keyboard hook.
What can I do if I don't use API Hook ??
Thank you madshi.
lParam of hook debug procedure contains a pointer to a DEBUGHOOKINFO structure and in NT/2000/XP the DebugHookInfo.idThreadInstaller is always zero. Other members of the DebugHookInfo is OK.madshi wrote:If you just want to check whether some processes use keyboard logging maybe using SetWindowsHookEx(WH_DEBUG) helps?
Anyway, InjectLibrary needs admin rights and there's no way around it.
It is possible to use the madCollection to solve this bug?