Sysinternals Forums: Windows Discussions > Malware

RootRepeal (old name: DriverDetect)

coconut (Senior Member, joined 05 January 2007, 557 posts), posted 28 January 2008 at 2:48pm:
feature request: when right-clicking on a driver, add to the popup menu: "lookup via google"
 
on that note, maybe add the same for hidden files


Edited by coconut - 28 January 2008 at 2:49pm
vrtule (Senior Member, Czech Republic, joined 22 September 2006, 118 posts), posted 29 January 2008 at 12:10am:
It found a LOT of hidden files on my system drive - file types: dl_, cu_, dll, html, xsl, txt... and many more... and after a while of scanning an error occurred saying "unable to enumerate by Windows API"... maybe the path was longer than MAX_PATH... I suppose you use FindNextFile/FindFirstFileA APIs... maybe the W variants will help
a_d_13 (Senior Member, joined 08 September 2007, 260 posts), posted 29 January 2008 at 1:39am:
@SystemPro: That's really odd.  What filesystem is on the drive?  And what does Windows think it is (i.e. what shows up in diskmgmt.msc)?
 
@vrtule: Hm.  I am using the Unicode versions of FindFirstFile - everything in the program is Unicode compatible.  If you get a lot of hidden files, it's either because the Windows API returned an unexpected error, or there's a bug in the name-matching (assuming the files aren't really hidden).  Could you run it, wait until it finishes a couple directories, stop it, and then PM me the log please?  Also, what filesystem is this?
 
I'm going to release a new version here shortly that has more descriptive error messages so that I can track down exactly the cause of the problems.
 
Thanks,
--AD
SystemPro (Senior Member, Germany, joined 26 April 2007, 465 posts), posted 29 January 2008 at 3:59am:
If I start diskmgmt I receive an internal error, and mmc.exe opens UDP port 1589 (must be a problem with dmremote.exe).
It shows FAT32 when I click on C: properties.



Edited by SystemPro - 29 January 2008 at 4:00am
a_d_13 (Senior Member, joined 08 September 2007, 260 posts), posted 29 January 2008 at 5:17am:
Interesting...
Try this new version.  I fixed a couple small bugs that people sent me, and made the error messages more descriptive.  SystemPro, if it still doesn't recognize your partition, then could you please post the whole error code here?  Specifically, it'll tell me what the partition type is as reported by Windows.
 
 
Thanks,
--AD
SystemPro (Senior Member, Germany, joined 26 April 2007, 465 posts), posted 29 January 2008 at 6:50am:
Unrecognized partition type 12(0xc)!
a_d_13 (Senior Member, joined 08 September 2007, 260 posts), posted 29 January 2008 at 7:35am:
Well, I can say that you surprised me...
That partition type (0x0c) is an older style partition.  That's the partition type used when Windows 95/98 uses INT13-style LBA on an extended FAT32 partition.  I will be adding support for this (after more testing) very soon.  Thanks for the testing!
 
 
Thanks,
--AD
 
P.S. Interestingly enough, Windows NT and up isn't supposed to support this type of partition...


Edited by a_d_13 - 29 January 2008 at 7:41am
SystemPro (Senior Member, Germany, joined 26 April 2007, 465 posts), posted 29 January 2008 at 9:15am:
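The type byte RootRepeal printed ("12 (0xc)") is the fifth byte of an MBR partition-table entry. As an added illustration (not RootRepeal's code, and the sample sector is constructed, not captured from a real disk), this C snippet parses the four entries at offset 0x1BE of a 512-byte sector, names the common type bytes, and shows why a FAT32 check must accept 0x0c (LBA-addressed) as well as 0x0b (CHS-addressed):

```c
#include <stdint.h>
#include <string.h>

/* One MBR partition-table entry decoded from its 16 raw bytes. */
typedef struct { uint8_t boot, type; uint32_t lba_start, sectors; } mbr_entry;

/* Map the type byte to a name; 0x0c is FAT32 addressed by LBA, a valid type. */
const char *partition_type_name(uint8_t type) {
    switch (type) {
    case 0x00: return "empty";
    case 0x05: return "extended (CHS)";
    case 0x06: return "FAT16 (CHS)";
    case 0x07: return "NTFS/HPFS";
    case 0x0b: return "FAT32 (CHS)";
    case 0x0c: return "FAT32 (LBA)";
    case 0x0e: return "FAT16 (LBA)";
    case 0x0f: return "extended (LBA)";
    default:   return "unrecognized";
    }
}

/* A scanner that only accepts 0x0b would reject a 0x0c drive as "unrecognized". */
int is_fat32_type(uint8_t type) { return type == 0x0b || type == 0x0c; }

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Parse the four 16-byte entries at offset 0x1BE. Returns the number of non-empty
 * entries, or -1 if the 0x55AA boot signature at offset 510 is missing. */
int parse_mbr(const uint8_t sector[512], mbr_entry out[4]) {
    if (sector[510] != 0x55 || sector[511] != 0xAA) return -1;
    int used = 0;
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = sector + 0x1BE + 16 * i;
        out[i].boot = e[0]; out[i].type = e[4];                  /* 0x80 = active; type byte */
        out[i].lba_start = le32(e + 8); out[i].sectors = le32(e + 12); /* little-endian fields */
        if (out[i].type != 0x00) used++;
    }
    return used;
}

/* Constructed sample MBR (hypothetical, not from a real disk): one active
 * FAT32-LBA partition starting at sector 63 with 204800 sectors. */
void build_sample_mbr(uint8_t sector[512]) {
    memset(sector, 0, 512);
    const uint8_t entry[16] = { 0x80, 1, 1, 0, 0x0c, 0xfe, 0xff, 0xff, 0x3f, 0, 0, 0, 0x00, 0x20, 0x03, 0x00 };
    memcpy(sector + 0x1BE, entry, 16);
    sector[510] = 0x55; sector[511] = 0xAA;
}
```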
Originally posted by a_d_13:
Well, I can say that you surprised me...
That partition type (0x0c) is an older style partition.  That's the partition type used when Windows 95/98 uses INT13-style LBA on an extended FAT32 partition.  I will be adding support for this (after more testing) very soon.  Thanks for the testing!

Thanks too, I am surprised too!
I thought INT13 is standard for all?
"My whole system story is really extra-ordinary and beyond normal"
Probably I should send you my computer for a full-range analysis. Lol.



Edited by SystemPro - 29 January 2008 at 9:16am
controler (Senior Member, joined 01 October 2006, 222 posts), posted 29 January 2008 at 11:42am:
When looking at properties for some files, not including the zero byte files, no properties show up. Is that because those files are in use by Driverdetect? Files like acpi.sys, atapi.sys, cercsr6.sys, dumpatapi.sys, dump_wmil.sys, ntfs.sys, mountmgr.sys, disk.sys, ftdisk.sys, etc.
Elite (Senior Member, United States, joined 15 April 2007, 152 posts), posted 29 January 2008 at 1:33pm:
I'll have to try today's build out. I tried out the build from yesterday.

Yesterday's build told me pagefile was locked (this is true), but also told me what I'm guessing is a certain .NET library, was found via Windows API but not on disk.

I've got .NET 1, 2, and 3 all installed (goddamn Microsoft Update!).

I can certainly understand a library (it's a DLL) being in use. I didn't bother checking if the file was in memory (explorer perhaps) or if an open handle existed.

Anyhow... so you're checking if a file is visible to the Windows API, but not on disk? How would that work out? Usually it's the other way around.

I'll try your new version out shortly.

Did you get a chance to list whether or not a loaded driver was hidden yet? (like next to the files on file scan tab)

How's Rustock.B loaded driver detection going? What methods have you tried so far, instead of hooking?

P.S. @SystemPro, nice INT-13 hook. RKU see that one?


Edited by Elite - 29 January 2008 at 1:36pm