Total results: 10
|| General Board
/ Re: How to create a Balloon ToolTip?
|| on: Yesterday at 04:12am
|Started by Pablo S. | Post by Rod
|I searched this out from an older post. Alyce and Dennis showed us how to do tooltips. I have altered their demo to produce balloon tooltips rather than standard ones.
It is an API call and you will need to research MSDN if you want to improve the functionality more.
'© Dennis McKinney 2002
'You may use this code freely in your own programs.
'This code may not be redistributed, published in whole or in part,
'posted to any group or bulletin board, nor placed on any web site
'without the authors permission.
Struct ti, _
cbSize As long, _
uFlags As long, _
hwnd As long, _
uId As long, _
left As long, _
top As long, _
right As long, _
bottom As long, _
hinst As long, _
lpszText As ptr
ti.cbSize.struct = Len(ti.struct)
ti.uFlags.struct = 17
WindowWidth = 300
WindowHeight = 200
UpperLeftX = Int((DisplayWidth - WindowWidth) / 2)
UpperLeftY = Int((DisplayHeight - WindowHeight) / 2)
button #1.btn, "Red", [x], UL, 5, 5, 40, 25
button #1.btn2, "Blue", [x], UL, 50, 5, 40, 25
button #1.btn3, "Green", [x], UL, 95, 5, 40, 25
open "Easy Tooltips" for window as #1
print #1, "trapclose [quit]"
hParent = hwnd(#1)
hTT = CreateTooltip(hParent)
call AddTooltip hwnd(#1.btn),"Red",hTT
call AddTooltip hwnd(#1.btn2),"Blue",hTT
call AddTooltip hwnd(#1.btn3),"Green",hTT
style=64 '0=standard box tooltip 64 = balloon tooltip
CallDLL #user32, "CreateWindowExA",0 As long,"tooltips_class32" As ptr,_
0 As long, style As long,_CW_USEDEFAULT As long,_CW_USEDEFAULT As long,_
_CW_USEDEFAULT As long,_CW_USEDEFAULT As long,hParent As Ulong,_
0 As long,0 As long,0 As long,CreateTooltip As Ulong
Sub AddTooltip hWnd, Text$, hTT
ti.uId.struct = hWnd
ti.lpszText.struct = Text$
CallDLL #user32, "SendMessageA",hTT As long,1028 As long, _
0 As long,ti as ptr,ret As long
/ Re: stand alone file problem
|| on: Mar 14th, 2018, 5:22pm
|Started by monini64 | Post by cundo
|I wouldn't plug a usb stick to that computer right now, just in case to avoid spreading of the virus... what do you think Chris?
Monini do you have more than one partition on your hard disk ?
/ Re: stand alone file problem
|| on: Mar 14th, 2018, 4:30pm
|Started by monini64 | Post by Chris Iverson
|If it's not detecting anything, then go through the steps of creating an application, and try it again.
If it still doesn't work, and gives the same error, then your problem is even worse: you're not just infected with malware, you're rooted with a rootkit that's actively hiding itself on your system. It's actually quite possible that's the case. The reason I say this is that the video you posted earlier in this topic doesn't match a live execution test I ran on the malware myself.
When the infected <run451>.exe runs, it creates a file named <run451>mgr.exe in the same folder, but then fails to execute it due to not getting the name right when trying to run <run451>mgr.exe.
See this for an example that shows it giving the same error message you got:
This for an example of it creating a file with a different name if I rename the EXE file(renamed it from program.exe to test.exe):
And this showing execution happening long enough to trigger trojan download from a malware site, trying to set up C2 on the computer:
The error you got happened in all three tests I ran, but the screenshot system didn't catch it in all of them.
Comparing that to the video you had posted earlier that I commented on, you'll notice that the programmgr.exe file doesn't appear. This could be for two reasons:
1) Something's blocking it from being created, or
2) Something's hiding it from the system.
Considering your system would already have to be infected for it to auto-infect new executables created, I think the answer's more likely to be the second one.
If the infection is deep enough to hide itself from the system, then trying to scan it from within the infected system is useless, as the scanners will literally be unable to see the infected files at all.
Actually cleaning a deep-rooted infection like this can be a very difficult process. If you have backups of your data on that computer, I honestly recommend just erasing the PC and reinstalling Windows. That's the only way to be sure that anything infected is gone.
If you don't have backups, then you can try something like this:
It will let you run a virus scan on your system, without needing to be booted into Windows to do it. You'll need to know how to boot from a different device, though.
Hopefully, that will be enough to remove the infection. If not, you'll have to go for the Windows full reinstall anyway.
Using a LiveCD/LiveUSB environment like this will also let you copy any important data off of the drive, so you can at least save anything important before wiping. You'll want to make sure you scan anything you copy across, though, to make sure you don't accidentally infect a fresh system.