show windows 8+ shutdown UI

    int __stdcall wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nShowCmd) { HANDLE v4; // rbx LPVOID v5; // rcx LPVOID ppv; // [rsp+30h] [rbp-18h] ImmDisableIME(0xFFFFFFFF); v4 = CreateEventW(0i64, 0, 0, L”SlideToShutDownEvent”); if ( v4 ) { if ( GetLastError() != 183 && CoInitializeEx(0i64, 2u) >= 0 ) { ppv = 0i64; if ( […]

use 7zr.exe as compressor in nsis

I have made a few changes to nsis in last decade, I added at least following features: 1.  driver installation command, used when I was doing USB drivers at 2006. 2. large exe support, increased nsis installer size from 1.99G to 3.99G, this was useful before data file support. 3. data file support, it can […]

Microsoft Windows SHA-1 & SHA-2 Code Signing Hash Algorithm Support

The following table provides information on Microsoft Windows operating system and code signing supporting SHA-1 & SHA-2 hash algorithm. Operating System SHA-256 Support Up through Dec. 31, 2015 Jan. 1 – Dec. 31, 2016 Jan. 1, 2017 + Windows Vista Limited:https://support.microsoft.com/en-us/kb/2763674 User Mode: SHA1, limited SHA256 download/install support with patch. Kernel Mode:SHA1 ONLY User Mode: SHA1, limited SHA256 […]

convert ISO to UDF to make windows 10 compatible

I needed to access an ISO (windows 2003 IFS) to check a driver sample, found windows 10 unable to mount. checked it with UltraIso, found it is using Joliet File system, nowadays I think UDF is most popular. so I tried to convert it to UDF. it works!   Update @31/10/2017 I checked xpinfs.iso, it […]

GetFullyQualifiedObjectName

BOOLEAN GetFullyQualifiedObjectName(IN PUNICODE_STRING i_pUsImageName,OUT PUNICODE_STRING o_pUsFullImageName){    PFILE_OBJECT pFileObject = NULL;    PDEVICE_OBJECT pDeviceObject = NULL;    WCHAR wstrDeviceName[50+(sizeof(UNICODE_STRING)/sizeof(WCHAR))+1] = {0};    ULONG ResultLength = 0;        ULONG BufferLength = 0;    UNICODE_STRING usDeviceName;    NTSTATUS Status = STATUS_SUCCESS;    PDEVICE_EXTENSION deviceExtension = g_FilterCDO->DeviceExtension;     if(!i_pUsImageName || !o_pUsFullImageName)            return FALSE;     //Retrive File Object structure    pFileObject = CONTAINING_RECORD(i_pUsImageName,FILE_OBJECT,FileName);    if(!pFileObject)        return FALSE;     […]