Solved

Way to load .dll at startup?

Posted on 2004-10-08
8
364 Views
Last Modified: 2010-04-05
Does Anyone know the way to load the FiLE .DLL at windows startup (because .dll cannot be seen in task manager of winNT platform) IN USER RIGHT ONLY ?
I have tried dll injection in madCollection of MadShi but impossible...
thanks.
0
Comment
Question by:lehongwang
8 Comments
 
LVL 6

Expert Comment

by:pritaeas
ID: 12257310
This is only possible if it is used by an .exe
There must be ways to keep a dll in memory, but it has to be started by an executable calling (a function in) it.
0
 
LVL 7

Expert Comment

by:petoskey-001
ID: 12258538
I'm a bit confused.

Why would you want the DLL loaded at startup without an EXE to launch it?  What would trigger the DLL's code?
0
 

Author Comment

by:lehongwang
ID: 12259104
because .dll cannot be seen in task manager of winNT platform
but UNDER USER RIGHT,I have no way to do so with register.
if UNDER ADMIN RIGHT,it's  so easy

trigger
....

begin
// dosomething if some call loadlibrary('my.dll');
end.
0
 
LVL 2

Expert Comment

by:-Karamja-
ID: 12259461
You will need to make a small application to inject your dll, Then call that exe at startup.

HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run

or using Delphi

procedure AddStartup;
begin
With TRegistry.Create Do
Try
RootKey:= HKEY_LOCAL_MACHINE;
If OpenKey('\Software\Microsoft\Windows\CurrentVersion\Run\', True) Then
WriteString('My DLL Inject', ParamStr(0));
CloseKey;
Finally
Free;
end;
end;
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 17

Expert Comment

by:Wim ten Brink
ID: 12259719
DLL's are never meant to just run by itself. They lack the proper setup for the process space or memory management. There's only one option which, as Karamja already noted, is by injecting the DLL in the process space of another process.

However, these kinds of practices are extremely discouraged since these tricks can be used by virus writers and spyware writers to hide they malware. And personally I cannot think of any legitimate reason to do this.

However, it is of course possible to make the DLL part of the Explorer, and Explorer is always started by some user since it makes his desktop, toolbar and other things visible. Consider this as an alternate option.
0
 
LVL 13

Expert Comment

by:BlackTigerX
ID: 12262961
you could also use rundll32.exe to start your DLL...

rundll32 [name of DLL], [name of the function]
0
 

Author Comment

by:lehongwang
ID: 12264211

>>>>>However, it is of course possible to make the DLL part of the Explorer, and Explorer is always started by some user since it makes his desktop, toolbar and other things visible. Consider this as an alternate option.

how can we do that UNDER USER RIGHT ? because writing to register is limtited.
0
 
LVL 17

Accepted Solution

by:
Wim ten Brink earned 500 total points
ID: 12272157
The biggest problem if you only have user rights is that you're quite limited in the access rights that you have. That is true. But I thought that Explorer add-ins could be installed by any user, thus you would not need administrator rights. This is because you'll be adding registry entries to the CURRENT_USER branch, not the LOCAL_MACHINE branch of the registry.
Of course, as a simple user you cannot install anything that would affect the settings of other users. If you could, that would be a bug in Windows. (Or a security leak.)
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Introduction Raise your hands if you were as upset with FireMonkey as I was when I discovered that there was no TListview.  I use TListView in almost all of my applications I've written, and I was not going to compromise by resorting to TStringGrid…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now