Simply put, BEGIN_COM_MAP implements _InternalQueryInterface. COM_INTERFACE_ENTRY indicates that your class supports the specified interface. END_COM_MAP finishes the _InternalQueryInterface implementation.

Note: A QueryInterface implementation which calls this _InternalQueryInterface method must either be hand-coded, or supplied by CComObject, CComAggObject, etc.

For example:

class MyClass :
    public CComObjectRoot,
    public ISomeInterface
{
public:
    BEGIN_COM_MAP(MyClass)
        COM_INTERFACE_ENTRY(ISomeInterface)
    END_COM_MAP()
};

CComClass myInstance = new CComClass;

The COM_INTERFACE_ENTRY line indicates that MyClass implements ISomeInterface. If QueryInterface is called to requests an ISomeInterface pointer, the call will succeed. Without the COM_INTERFACE_ENTRY line, the QueryInterface call would fail.

Before using powercfg, I first checked the following:

1. Wake-On-LAN was enabled in the BIOS.
2. All settings related to Wake-On-LAN were enabled in the adapter’s Advanced properties tab:
   • Shutdown Wake-On-Lan
   • Wake on Magic Packet
   • Wake on pattern match
     
3. All wake-related settings were checked on the Power Management properties tab:
   • Allow this device to wake computer
   • Only allow a magic packet to wake the computer
     

Even with these settings configured properly, my laptop still wouldn’t respond to magic packets.
First, I opened a command prompt as administrator. A regular user doesn’t have the access rights to change power options.

Then, I checked to see if the LAN adapter is in the list of devices which can wake Windows:

C:\Windows\system32>powercfg -devicequery wake_armed
HID Keyboard Device (002)
HID-compliant mouse (001)
Logitech USB Wheel Mouse (004)

The Ethernet adapter isn’t in there, so I looked at the list of wake-programmable devices in order to find out the name of my LAN adapter:

C:\Windows\system32>powercfg -devicequery wake_programmable
HID-compliant device
Realtek PCIe FE Family Controller            <=== LAN adapter
HID Keyboard Device (002)
TOSHIBA Software Modem
HID-compliant mouse (001)
HID-compliant consumer control device (001)
Logitech USB Wheel Mouse (004)

Finally, I enabled wake for my Ethernet device, using the name "Realtex PCIe FE Family Controller":

C:\Windows\system32>powercfg -deviceenablewake "Realtek PCIe FE Family Controller"

(if you see an error like, "Invalid Parameters -- try "/?" for help," it most likely means that you mistyped the device name)

I am now able to wake my laptop from sleep and hibernate modes using the Wake On Lan app for my Android device.

I used CIPHER.EXE to verify that the only encrypted contents on the volume were those of the Apple download:

C:\lib>cipher /u /n

Encrypted File(s) on your system:

C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\.DS_Store
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\iTunesCOM.chm
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\iTunesCOMInterface.h
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\iTunesCOMInterface_i.c
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\LicenseAgreement.rtf
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\ReadMe.rtf
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\SampleScripts\.DS_Store
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\SampleScripts\CreateAlbumPlaylists.js
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\SampleScripts\RemoveDeadTracks.js
C:\lib\24460_itunescomwindowssdk\iTunesCOMWindowsSDK\SampleScripts\RemoveUserPlaylists.js
C:\lib\24460_itunescomwindowssdk\__MACOSX\._iTunesCOMWindowsSDK
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._.DS_Store
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._iTunesCOM.chm
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._iTunesCOMInterface.h
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._iTunesCOMInterface_i.c
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._LicenseAgreement.rtf
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._ReadMe.rtf
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\._SampleScripts
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\SampleScripts\._.DS_Store
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\SampleScripts\._CreateAlbumPlaylists.js
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\SampleScripts\._RemoveDeadTracks.js
C:\lib\24460_itunescomwindowssdk\__MACOSX\iTunesCOMWindowsSDK\SampleScripts\._RemoveUserPlaylists.js

To fix this, I opened the properties for the iTunesCOMWindowsSDK folder, selected the General tab, clicked Advanced, and unselected “Encrypt contents to secure data”:

The irritating thing is that there seems to be no direct path from the Apple Developer’s Center to this “Downloads & ADC Program Assets” page.

For the convenience of others, here is id3v2 0.1.12 compiled under Cygwin.  It depends upon Cygwin and Cygwin’s zlib package.

The Microsoft Windows SDK versions 7.0 and 7.1 appear to have broken BluetoothAPIs.h header files.

Details

So far, I have uncovered two types of errors in this header file:

• The use of #pragma deprecate instead of #pragma deprecated, causing compiler warnings.
• Several callback function pointer type definitions omit the CALLBACK (__stdcall) calling convention, causing a crash.

The first error simply results in compiler warnings.

warning C4068: unknown pragma

The second type of error results in dereferencing of an invalid memory location when using BluetoothRegisterForAuthenticationEx and BluetoothAuthenticateDeviceEx. This is because the standard calling convention (__cdecl) assumes that the caller will clean up the stack. Since the caller in this case is assuming that the callback function minded its own stack, it immediately pops ESI, placing zero into the register:

5EBCFFE2  mov         ecx,dword ptr [ebp-4]
5EBCFFE5  pop         esi
5EBCFFE6  xor         ecx,ebp
5EBCFFE8  pop         ebx
5EBCFFE9  call        @__security_check_cookie@4 (5EBDBBBBh)

Later, ntdll.dll dereferences memory at ESI + 4, triggering an access violation:

774A8301  test        byte ptr [esi+4],4

“Unhandled exception at 0x774a8301 (ntdll.dll) in [Application]: 0xC0000005: Access violation reading location 0×00000004.

Solution

To the compiler warnings, I replaced all instances of

#pragma deprecate

with

#pragma deprecated

To fix the crash bug, I added the CALLBACK calling convention keyword to PFN_AUTHENTICATION_CALLBACK and PFN_AUTHENTICATION_CALLBACK_EX. They now appear as follows:

typedef BOOL (CALLBACK *PFN_AUTHENTICATION_CALLBACK)(LPVOID pvParam, PBLUETOOTH_DEVICE_INFO pDevice);

typedef BOOL (CALLBACK *PFN_AUTHENTICATION_CALLBACK_EX)(__in_opt LPVOID pvParam, __in PBLUETOOTH_AUTHENTICATION_CALLBACK_PARAMS pAuthCallbackParams);

Interestingly, the function pointer type definitions for the attribute-enumeration and device-selection callbacks (PFN_BLUETOOTH_ENUM_ATTRIBUTES_CALLBACK and PFN_DEVICE_CALLBACK, respectively) are defined correctly, using CALLBACK or WINAPI. I suspect that the inconsistency is because someone at Microsoft was using the /Gz compiler switch, making __stdcall the default calling convention.

Alternate Data Streams (ADS) allow arbitrary metadata to be associated with files and directories on Windows NTFS. Alternate data streams are the Windows implementation of forks. The apparent size of the file will be unchanged, and most applications and users are unaware of their existence. If a file is moved, any alternate data stream will move along with it, as long as the destination is on an NTFS drive.

The command line can access alternate data streams using redirection operators. Streams are specified on the command line as filename:stream name.

Creating an Alternate Data Stream

As an example, a string is written into an ADS named hidden, which is associated with file test.txt:

C:\test>echo Hidden text > test.txt:hidden

The file appears to be empty, though as detailed below, the metadata is intact and associated with the file:

C:\test>dir test.txt

06/24/2010  01:33 PM                 0 test.txt

Viewing an Alternate Data Stream

The metadata can be viewed by redirecting from it to more:

C:\test>more < test.txt:hidden
Hidden text

The name and content of the ADS can be anything (see 'Details' below for restrictions):

C:\test>echo Arbitrary string > test.txt:arbitraryName

C:\test>more < test.txt:arbitraryName
Arbitrary string

Listing Files With Alternate Data Streams

On Windows Vista and later, a list of alternate data streams can be obtained using DIR /R:

C:\test>dir test.txt /R

06/24/2010  01:33 PM                 0 test.txt
                                    38 test.txt:arbitraryName:$DATA
                                    28 test.txt:hidden:$DATA

On earlier operating systems, the SysInternals utility Streams can be used:

C:\test>c:\tools\SysInternals\streams.exe test.txt

Streams v1.56 - Enumerate alternate NTFS data streams
Copyright (C) 1999-2007 Mark Russinovich
Sysinternals - www.sysinternals.com

C:\test\test.txt:
   :arbitraryName:$DATA 38
          :hidden:$DATA 28

Alternate Data Streams on Directories

Metadata can be added to directories the same way it's added to files:

C:\test>mkdir test2

C:\test>echo ADS on a directory > test2:someText

C:\test>dir /r

06/25/2010  11:27 PM    <DIR>          .
06/25/2010  11:27 PM    <DIR>          ..
06/25/2010  11:27 PM    <DIR>          test2
                                    42 test2:someText:$DATA

C:\test>more < test2:someText
ADS on a directory

Details

Stream Naming

To be more accurate, streams are specified as filename:stream name:stream type. It appears that the only stream type accessible from the command line is $DATA, which is why it's optional. All of the stream types are listed in the WIN32_STREAM_ID structure documentation. The default data stream is unnamed, so filename::$DATA will contain the file's data:

C:\test>echo This is the file > file.txt

C:\test>echo This is the stream > file.txt:stream

C:\test>more < file.txt::$DATA
This is the file

C:\test>more < file.txt:stream:$DATA
This is the stream

Stream names are generally held to the same requirements as any filename. One interesting difference is that stream names can contain characters whose integer representations are in the range from 1 through 31. Refer to Naming Files, Paths, and Namespaces (MSDN) for details.

Note that when using streams with files having a single letter name, the filename should be prefixed with a period and backslash. The reason for this is Windows drive names. For example, does "echo hello > c:test" refer to a stream named test on file c, or does it refer to a file test on drive c?

Executing Streams

As of Windows Vista, it is no longer possible to execute directly from an alternate data stream. On Windows XP and earlier, the Start command was used, similar to start somefile.ext:hiddenExecutable.

Editing with Notepad

Notepad can be used to create and edit alternate data streams. The File Open dialog doesn't recognize stream syntax, however, so the file must be created and opened using command line parameters. Notepad will insist on appending .txt to the stream name.

Programmatic Access

Microsoft provides a sample program in C++, demonstrating how to open and write to an alternate data stream.

Real-World Applications

Downloaded Executables

Since Windows XP SP2, when a file is downloaded from the Internet and executed (assuming a zone-aware browser), this warning is displayed:

Windows displays this warning because the web browser tagged the executable with a alternate data stream named Zone.Identifier:

C:\test>dir /r setup.exe

06/25/2010  12:10 PM           680,467 setup.exe
                                    26 setup.exe:Zone.Identifier:$DATA

By redirecting this stream to more, we can see its contents:

C:\test>more < setup.exe:Zone.Identifier
[ZoneTransfer]
ZoneId=3

The PowerShell blog has more information on zone identifiers.

Viruses

The W2K.Stream virus used alternate data streams.

Additional Resources

• A Programmer's Perspective on NTFS 2000 Part 1: Stream and Hard Link (MSDN, article removed)
• A Programmer's Perspective on NTFS 2000 Part 2: Encryption, Sparseness, and Reparse Points (MSDN, article removed)
• File Streams (MSDN)
• Visual browsing of alternative data-streams in Windows Explorer (CodeProject)
• NTFS Alternate Data Streams (Alex Ionescu)

C:\Windows\System32>dir Defr*

07/13/2009  05:39 PM           183,296 Defrag.exe
07/13/2009  05:40 PM            16,384 defragproxy.dll
07/13/2009  05:40 PM           291,328 defragsvc.dll

The same listing under Cygwin bash yields no results:

$ cd /cygdrive/c/Windows/System32

$ ls Defra*
ls: cannot access Defra*: No such file or directory

In fact, on this system, Cygwin reports sees only 2,465 files in System32, while CMD sees 2,857 files.

This is because Cygwin bash and Console are 32-bit applications, and I’m running 64-bit Windows. With filesystem virtualization on Windows, when a 32-bit process attempts to access %SYSTEMROOT%\System32, it is redirected to %SYSTEMROOT%\SYSWOW64. Ironically named, System32 contains 64-bit applications, while SYSWOW64 contains 32-bit applications.

So, if you’re running an older application and you can’t figure out where it stored its files (e.g. DVD Decrypter, as in my case), look under:

C:\Users\username\AppData\Local\VirtualStore

This MSDN page has an excellent summary of file and registry virtualization (search the page for “virtualization”).