From 9afbc50cca838790a8b93dfa7e87df933a2c9957 Mon Sep 17 00:00:00 2001
From: Valentin Radu
Date: Tue, 31 Aug 2021 04:31:06 +0300
Subject: [PATCH] Minor fixes
---
 ExplorerPatcher/dllmain.c | 2 +-
 README.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/ExplorerPatcher/dllmain.c b/ExplorerPatcher/dllmain.c
index 92da01f0e..ebc1d7529 100644
--- a/ExplorerPatcher/dllmain.c
+++ b/ExplorerPatcher/dllmain.c
@@ -1386,7 +1386,7 @@ DWORD OpenStartOnCurentMonitorThread(LPVOID unused)
 DWORD PlayStartupSound(DWORD x)
 {
- Sleep(1000);
+ Sleep(2000);
 printf("Started \"Play startup sound\" thread.\n");
 HRESULT hr = CoInitialize(NULL);
diff --git a/README.md b/README.md
index 950aa5f02..3676eac7e 100644
--- a/README.md
+++ b/README.md
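Review bot: The new `Sleep(2000);` at the top of `PlayStartupSound` in ExplorerPatcher/dllmain.c is an unexplained fixed delay, and doubling it from 1000 ms suggests the thread is racing something that is not always ready in time. A constant wait can still be too short on a slow logon and is wasted time on a fast one, so the line should at least carry a comment naming what is being waited for, e.g. `/* wait for <component> to be ready before playing the sound */`, and the value would read better as a named constant such as `#define STARTUP_SOUND_DELAY_MS 2000`. If the awaited condition can be tested, polling for it with a bounded timeout would be more reliable than a longer sleep. The function body continues past the end of the hunk, so how `hr` from `CoInitialize(NULL)` is checked is not visible here.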
@@ -31,7 +31,7 @@ To uninstall, simply delete `dxgi.dll` from `%windir%`.
 #### How does this work?
-The mechanism the application gets loaded is by exploiting the DLL search order in Windows. I take advantage of the fact that Explorer is one of the few system processes located in `%windir%` and not in `%windir%\System32`, so it does not affect most apps. Also, `%windir%` is not in the search path. Read more about this technique [here](https://itm4n.github.io/windows-dll-hijacking-clarified/). The main advantage here is that you do not have to keep an extra process running in the memory; plus, due to the diverse nature of how Explorer is launched, hooking it can be difficult.
+The mechanism the application gets loaded is by exploiting the DLL search order in Windows. I take advantage of the fact that Explorer is one of the few system processes located in `%windir%` and not in `%windir%\System32`, so it does not affect most apps. Also, `%windir%` is not first in the search path. Read more about this technique [here](https://itm4n.github.io/windows-dll-hijacking-clarified/). The main advantage here is that you do not have to keep an extra process running in the memory; plus, due to the diverse nature of how Explorer is launched, hooking it can be difficult.
 I picked `dxgi.dll` because it is not on the `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs` list, because it has few exports and is loaded very early by Explorer, when calling the `DXGIDeclareAdapterRemovalSupport()` function.