flat assembler
Message board for the users of flat assembler.

My computer has a virus :(
sleepsleep



Joined: 05 Oct 2006
Posts: 8902
am trying to code a basic listview control using custom draw,
want to have different color and font on listview control,

i found something weird.
Code:
  .wmnotify:
          mov   edi,[lparam]
          mov   esi,[edi + NMHDR.code]
          xor   eax,eax
          jmp   .finish
    


the above code will cause the application to start then be gone (not displayed in task manager), but if you fasm the file one more time, it will say
Code:
flat assembler  version 1.71.17  (1048576 kilobytes memory)
error: write failed.
    

kinda weird.

anyway, i face some issues trying to deploy custom draw, maybe someone could check on it and enlighten me, thank you.


Attachment: listview.zip (1.93 KB), downloaded 62 time(s)

Post 09 May 2014, 06:42
sleepsleep
my reference is from here,
http://www.dreamincode.net/forums/topic/283055-masm-custom-draw-listview-and-header/

Code:
    .elseif eax == WM_NOTIFY
        mov     edi, lParam
        mov     esi, (NMHDR ptr [edi]).code
        
        .if esi  == NM_CUSTOMDRAW
            mov     ecx, (NMCUSTOMDRAW ptr[edi]).hdr.hwndFrom
            .if ecx == hHeader
                mov     eax, (NMCUSTOMDRAW ptr[edi]).dwDrawStage
                .if eax == CDDS_PREPAINT
                    mov     eax, CDRF_NOTIFYITEMDRAW
                    ret
                    
                .elseif eax == CDDS_ITEMPREPAINT
                    invoke  DrawHeader
                    .if eax == 1
                        mov     eax, CDRF_SKIPDEFAULT
                        ret
                    .else
                        mov     eax, CDRF_DODEFAULT
                        ret
                    .endif
                .else
                    mov     eax, CDRF_DODEFAULT
                    ret                    
                .endif

            .elseif ecx == hLV
                mov     eax, (NMLVCUSTOMDRAW ptr[edi]).nmcd.dwDrawStage
                .if eax == CDDS_PREPAINT
                    mov     eax, CDRF_NOTIFYITEMDRAW
                    ret 
                    
                .elseif eax == CDDS_ITEMPREPAINT
                ; #### use the following 3 lines to color lv lines
                ; ###  Comment them out and uncomment the following line to color columns.
                    call    ColorLVLines
                    mov     eax, CDRF_DODEFAULT
                    ret
;                    mov     eax, CDRF_NOTIFYSUBITEMDRAW
;                    ret
;                    
;                .elseif eax == CDDS_ITEMPREPAINT or CDDS_SUBITEM
;                    call    ColorLVColumns
;                    mov     eax, CDRF_DODEFAULT
;                    ret              
                .else
                    mov     eax, CDRF_DODEFAULT
                    ret
                .endif
            .endif
        .endif
    
Post 09 May 2014, 07:11
sleepsleep
i was thinking i got preserve the ESI, EDI, EBX by using
Code:
proc WindowProc uses ebx esi edi, hwnd, wmsg, wparam, lparam
    

so, fasm will "auto" pop ebx esi edi before RET? or i am wrong here?
i just discovered that after i commented using esi, edi or ebx,
i will have the error: write failed, maybe once the esi, edi or ebx are corrupted, they will remain like that, maybe? i guess.
Post 09 May 2014, 10:37
sleepsleep
I just tried using fasmw ide, load template.asm code, compile, then run,
Close it then run compile again, then i got write failed as if template.exe is locked by system pid 4,

Maybe my system got virus, will try format it later and test,
Post 09 May 2014, 13:51
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
That one download was by me. When I tried it I had no problem closing, assembling and opening multiple times. So it looks like your problem.
Post 09 May 2014, 14:08
sleepsleep
I guess my laptop got hit with rootkit,

i noticed lately, hibernation took more than 3 minutes on my I5 8GB laptop, i should have noticed this earlier, damn it,

now, i plan to do hibernation tracing and see what output i could get and diagnose further,

i actually got a C os backup partition, and i just restored it last week when i felt something strange with the hibernation timing,

as far as i could remember, last time hibernation only took less than 1 minute, something weird is definitely going on, shit.
Post 09 May 2014, 20:12
sleepsleep
i zeroized partition C, then did a reformat, updated to the latest available security patches,
tried hibernation, now it works in 30 seconds or less.

idk what caused this, damn it,
Post 10 May 2014, 05:52
badc0de02



Joined: 25 Nov 2013
Posts: 216
Location: %x
nah windows xp user
heu
Post 15 May 2014, 07:54
Dr F



Joined: 01 Apr 2014
Posts: 239
Location: Berehove, Ukraine
please include what is present in finish at first thing although i am thinking u modified something like the form example something came with flat assembler.

what is nmhdr.code and stuff? what are other things with structures?
Post 15 May 2014, 10:11
Dr F
nooo where in hell is my signature.
Post 15 May 2014, 11:38
Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.