Hello , I have already posted a message concerning an anti-windows shutdown .. here there's my work but something goes wrong 1- When I execute the program , it closes instanteanously if I move the Call ExitProcess, I receive a fatal error in windows 2- I want that it stays open until the WM_QUERYENDSESSION is received Please help here's the code .386 .model flat, stdcall option casemap :none ; case sensitive include \masm32\include\windows.inc include \masm32\include\user32.inc include \masm32\include\kernel32.inc includelib \masm32\lib\user32.lib includelib \masm32\lib\kernel32.lib .data szDlgTitle db "Interception !",0 szMsg db "Shutdown prevented. ",0 .code start: WndProc proc uMsg:DWORD .IF uMsg==WM_QUERYENDSESSION mov eax,FALSE push MB_OK push offset szDlgTitle push offset szMsg push 0 call MessageBox push 0 ret call ExitProcess .ENDIF WndProc endp call ExitProcess end start Thank you
Posted on 2000-12-19 19:39:00 by FastIsCool
ummm i'm not sure... but i think i read something in a viruswriting tutorial that a ret if it isn't placed in a proc that is called anywere will do th the same thing as a call to ExitProcess that is the first thing i can see that is wierd and also after your proc you tell it to call ExitProcess wich will be called everytimethe code is run when the WM_QUERYENDSESSION mesage isn't present... so most of the time it will as you say just exit when run... if i'm wrong correct me people...>;)
Posted on 2000-12-19 20:49:00 by NervGaz
Hmmm..... looks like first you need to start with some tutorials on making simple applications. That doesn't have any of the basic application stuff, your not getting your applications instance, you don't create a window or dialog box, you don't have a message loop, and you don't return at the end of your procedure. Check out iczelions tutorials, by the time you get through the 2nd or 3rd one you'll be able to make this work. Hope it works out! See ya, Ben
Posted on 2000-12-19 22:53:00 by cyberben
Also with masm your api calls can be simplified a WHOLE bunch, instead of: push MB_OK push offset szDlgTitle push offset szMsg push 0 call MessageBox you simply write: invoke MessageBox, hOwner, addr MyMsgStr, addr MyTitleStr, MB_OK hOwner you have as "0" which is fine, it just means nobody own the dialog and it will show an icon in the taskbar, if you make an owner (Like if you have a window or something) then it will not show this icon and will be a child of your window. If your application does not use a window, then leave it as "0" or NULL. - Ben
Posted on 2000-12-19 22:58:00 by cyberben
Thank you
Posted on 2000-12-20 08:57:00 by FastIsCool