C++

Forum

 
__asm equivalent for 64 bit?

kosamja (12)
Hi, I am trying to compile killtt (www.codeproject.com/Articles/11781/KillTT-No-More-Tooltips) for 64 bit Windows (since 32 bit version doesnt kill tooltips in 64 bit applications) with Visual Studio 6 but I dont know almost nothing about programming (only had contact with Pascal while in school).

I read from here (http://www.zabkat.com/blog/26Oct08-x64-development-with-VS6-and-ATL3.htm
https://vcpptips.wordpress.com/tag/converting-existing-ansimultibyte-project-into-unicode/) how to compile for 64 bit with Visual Studio 6 and how to convert project to unicode and I think I changed everything compiler was showing as error except __asm part which is not supported in 64 bit. I dont even know what it does (but I guess its related to unloading dll from process since if killtt is compiled without that part it just crashes window instead of killing tooltips) and I wouldnt know how to rewrite that, so if some expert could help me with their knowledge I would be very grateful. Thanks in advance.

ttproc.asm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
	// lParam
	// wParam
	// uMsg
	// hwnd
	// Return Address
	// Old EBP             <-EBP
	__asm {
		push ebp

		mov eax, 0xFFFFFFFF // DllPresent flag
		cmp dword ptr[eax], 0
		je retold
		mov eax, 0x88888888 // Hooking flag
		cmp dword ptr[eax], 0
		je retold

		mov ebp, esp
		mov eax, dword ptr[ebp + 12]

		cmp eax, TTM_POPUP
		je ret0
		cmp eax, TTM_TRACKACTIVATE
		je ret0
		cmp eax, TTM_TRACKPOSITION
		je ret0
		cmp eax, TTM_RELAYEVENT
		je ret0
		cmp eax, TTM_ACTIVATE
		je ret0

		cmp eax, WM_NCDESTROY
		jne retold

// lParam             // thisptr                     4
// wParam             // 0                           8
// uMsg               // GetProcessHeap             12
// hwnd               // Return Address             16
// Return Address     // lParam                     20
// Old EBP            // wParam                     24
                      // uMsg                       28
                      // hwnd                       32
                      // HeapFree                   36
                      // Old EBP                    40

		add ebp, 24

		mov dword ptr[ebp - 28], eax  // Move uMsg

		mov eax, dword ptr[ebp - 16]  // Move hwnd
		mov dword ptr[ebp - 32], eax

		mov dword ptr[ebp - 36], 0xCCCCCCCC // Store HeapFree

		mov eax, dword ptr[ebp - 24] // Move EBP
		mov dword ptr[ebp - 40], eax

		mov eax, dword ptr[ebp - 8] // Move wParam
		mov dword ptr[ebp - 24], eax

		mov eax, dword ptr[ebp - 20] // Move Return Address
		mov dword ptr[ebp - 16], eax

		mov eax, dword ptr[ebp - 4] // Move lParam
		mov dword ptr[ebp - 20], eax

		mov dword ptr[ebp - 12], 0xDDDDDDDD // Store GetProcessHeap
		mov dword ptr[ebp - 8], 0 // Store 0
		mov dword ptr[ebp - 4], 0xEEEEEEEE // Store ThisPtr

		sub esp, 16
retold:
		pop ebp
		pop eax
		push 0xAAAAAAAA    // Old window proc
		push eax
		mov eax, 0xBBBBBBBB  // CallWindowProc
		jmp eax

ret0:
		xor eax, eax
		pop ebp
		ret 16


Last edited on
kosamja (12)
ttproc.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
#pragma pack(push, 1)

class TooltipKiller
{
public:
	TooltipKiller(BOOL* bGlobalFlag, BOOL* bLocalFlag)
	{
		m_nCodeBytesn2 = (unsigned short)0xB855;
		m_nCodeBytesn1 = 0x74003883;
		m_nCodeBytes0 = (unsigned short)0xB87C;
		m_nCodeBytes1[0] = 0x7400F883;
		m_nCodeBytes1[1] = 0x8BEC8B72;

		m_nCodeBytes1[2] = 0x223D0C45;
		m_nCodeBytes1[3] = 0x74000004;
		m_nCodeBytes1[4] = 0x04113D75;
		m_nCodeBytes1[5] = 0x6E740000;
		m_nCodeBytes1[6] = 0x0004123D;
		m_nCodeBytes1[7] = 0x3D677400;
		m_nCodeBytes1[8] = 0x00000407;
		m_nCodeBytes1[9] = 0x013D6074;
		m_nCodeBytes1[10] = 0x74000004;
		m_nCodeBytes1[11] = 0x00823D59;
		m_nCodeBytes1[12] = 0x43750000;
		m_nCodeBytes1[13] = 0x8918C583;
		m_nCodeBytes1[14] = 0x458BE445;
		m_nCodeBytes1[15] = 0xE04589F0;
		m_CodeBytes2 = (unsigned short)0x45C7;
		m_CodeBytes3 = (unsigned char)0xDC;
		m_nCodeBytes4[0] = 0x89E8458B;
		m_nCodeBytes4[1] = 0x458BD845;
		m_nCodeBytes4[2] = 0xE84589F8;
		m_nCodeBytes4[3] = 0x89EC458B;
		m_nCodeBytes4[4] = 0x458BF045;
		m_nCodeBytes4[5] = 0xEC4589FC;
		m_CodeBytes5 = (unsigned short)0x45C7;
		m_CodeBytes6 = (unsigned char)0xF4;
		m_nCodeBytes7[0] = 0x00F845C7;
		m_nCodeBytes7[1] = 0xC7000000;
		m_CodeBytes8 = (unsigned short)0xFC45;
		m_nCodeBytes9 = 0x5D10EC83;
		m_CodeBytes10 = (unsigned short)0x6858;
		m_CodeBytes11 = (unsigned short)0xB850;
		m_nCodeBytes12[0] = 0xC033E0FF;
		m_nCodeBytes12[1] = 0x0010C25D;
		
		HMODULE hmModule;

		hmModule = LoadLibrary((LPCTSTR)L"Kernel32.dll");
		m_pHeapFree = (unsigned int)GetProcAddress(hmModule, "HeapFree");
		hmModule = LoadLibrary((LPCTSTR)L"User32.dll");
		m_pCallWndProc = (unsigned int)GetProcAddress(hmModule, "CallWindowProcA");

		m_pHeap = (unsigned int)GetProcessHeap();
		m_pThis = (unsigned int)this;
		m_pOldWndProc = NULL;

		m_pLocalFlag = (unsigned int)bLocalFlag;
		m_pGlobalFlag = (unsigned int)bGlobalFlag;

		FlushInstructionCache(GetCurrentProcess(), this, sizeof(*this));
	}

	WNDPROC GetWindowProc()
	{
		return (WNDPROC)this;
	}

	void SetOldWindowProc(WNDPROC wpProc)
	{
		m_pOldWndProc = (unsigned int)wpProc;
	}

private:
		unsigned short m_nCodeBytesn2;

	unsigned m_pLocalFlag;

		unsigned m_nCodeBytesn1;
		unsigned short m_nCodeBytes0;

	unsigned m_pGlobalFlag;

		unsigned m_nCodeBytes1[16];
		unsigned short m_CodeBytes2;
		unsigned char m_CodeBytes3;

	unsigned m_pHeapFree;

		unsigned m_nCodeBytes4[6];
		unsigned short m_CodeBytes5;
		unsigned char m_CodeBytes6;

	unsigned m_pHeap;

		unsigned m_nCodeBytes7[2];
		unsigned short m_CodeBytes8;

	unsigned m_pThis;

		unsigned m_nCodeBytes9;
		unsigned short m_CodeBytes10;

	unsigned m_pOldWndProc;

		unsigned short m_CodeBytes11;

	unsigned m_pCallWndProc;

		unsigned m_nCodeBytes12[2];
};

#pragma pack(pop)


killtt_helper.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
 
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include "commctrl.h"
#include "ttproc.h"

///////////////////////////////
//  EXTERNAL DECLARATIONS
///////////////////////////////
inline void *__cdecl operator new(size_t, void *_P) throw()
        {return (_P); }
inline void __cdecl operator delete(void *, void *) throw()
        {return; }

#ifdef _DEBUG
extern "C" __declspec(naked) void _chkesp()
{
	__asm je return0
	__asm int 3
return0:
	__asm ret
}
#endif


///////////////////////////////
//  GLOBAL VARIABLES
///////////////////////////////

#pragma data_seg("SHARED")

HHOOK hHook = NULL;
HINSTANCE hInstance = NULL;
BOOL bBlocking = FALSE;

#pragma data_seg()
#pragma comment(linker,"/SECTION:SHARED,rws")

BOOL* bDLLPresent = NULL;


///////////////////////////////
//  FUNCTION PROTOTYPES
///////////////////////////////

extern "C" BOOL WINAPI _DllMainCRTStartup(HANDLE, DWORD, LPVOID);
LRESULT CALLBACK CBTHook(int nCode, WPARAM wParam, LPARAM lParam);
DWORD WINAPI WaitForUnload(LPVOID lpParameter);

///////////////////////////////
//  ENTRY POINT
///////////////////////////////

extern "C" BOOL WINAPI _DllMainCRTStartup(
                               HANDLE  hDllHandle,
                               DWORD   dwReason,
                               LPVOID  lpreserved
                               )
{
	if(dwReason == DLL_PROCESS_ATTACH)
	{
		if(hInstance == NULL)
			hInstance = (HINSTANCE)hDllHandle;

		bDLLPresent = (BOOL*)
			HeapAlloc(GetProcessHeap(), 0, sizeof(BOOL));
		*bDLLPresent = TRUE;

		DWORD dwThreadID;
		HMODULE hmSelf = LoadLibrary((LPCTSTR)L"killtt_helper.dll");
		CreateThread(NULL, 1024, &WaitForUnload, hmSelf, 0, &dwThreadID);
	}
	if(dwReason == DLL_PROCESS_DETACH)
	{
		*bDLLPresent = FALSE;
	}

    return TRUE;
}

///////////////////////////////
//  INTERNAL FUNCTIONS
///////////////////////////////

LRESULT CALLBACK CBTHook(int nCode, WPARAM wParam, LPARAM lParam)
{
	if(nCode == HCBT_CREATEWND)
	{
		HWND hwnd = (HWND)wParam;
		TCHAR buf[256];
		GetClassName(hwnd, buf, 256);
		if(lstrcmp(buf, TEXT("tooltips_class32")) == 0)
		{
			SendMessage(hwnd, TTM_ACTIVATE, 0, 0);

			TooltipKiller* ttkKiller = (TooltipKiller*)
				HeapAlloc(GetProcessHeap(), 0, sizeof(TooltipKiller));

			new (ttkKiller) TooltipKiller(&bBlocking, bDLLPresent);

			ttkKiller->SetOldWindowProc( (WNDPROC)
				SetWindowLongPtr(hwnd, GWLP_WNDPROC, (LONG_PTR)
				ttkKiller->GetWindowProc()));
		}
	}
	return CallNextHookEx(hHook, nCode, wParam, lParam);
}

DWORD WINAPI WaitForUnload(LPVOID lpParameter)
{
	HANDLE hEvent = CreateEvent(NULL, TRUE, FALSE, (LPCTSTR)L"KillTT_DLLUnloadEvent");

	while(WaitForSingleObject(hEvent, INFINITE) != WAIT_OBJECT_0) {}

	CloseHandle(hEvent);

	//__asm {
	//	push 0
	//	push lpParameter
	//	push ExitThread
	//	push FreeLibrary
	//	ret
	//}

	return 0;
}


///////////////////////////////
//  EXTERNAL FUNCTIONS
///////////////////////////////

void _declspec(dllexport) KillTT_Hook()
{
	hHook = SetWindowsHookEx(WH_CBT, &CBTHook, hInstance, 0);
}

void _declspec(dllexport) KillTT_SetBlock(BOOL bBlock)
{
	bBlocking = bBlock;
}

void _declspec(dllexport) KillTT_Unhook()
{
	UnhookWindowsHookEx(hHook);

	HANDLE hEvent = CreateEvent(NULL, TRUE, FALSE, (LPCTSTR)L"KillTT_DLLUnloadEvent");
	SetEvent(hEvent);
	CloseHandle(hEvent);
}


kosamja (12)
killtt.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
 
#include "Windows.h"
#include "Shellapi.h"
#include "commctrl.h"

#ifdef _DEBUG
extern "C" __declspec(naked) void _chkesp()
{
	__asm je return0
	__asm int 3
return0:
	__asm ret
}
#endif

#define SHOW_TRAY_ICON

void _declspec(dllimport) KillTT_Hook();
void _declspec(dllimport) KillTT_SetBlock(BOOL bBlock);
void _declspec(dllimport) KillTT_Unhook();

HWND wndNotify;
NOTIFYICONDATA nidIconData;
HICON icoEnabledIcon;
HICON icoDisabledIcon;
HMENU mnuPopup;
bool blnEnabled=TRUE;
const UINT WM_TASKBARCREATED = ::RegisterWindowMessage((LPCTSTR)L"TaskbarCreated");


BOOL CALLBACK KillTT_EnableTooltips(HWND hwnd,LPARAM lParam)
{
	TCHAR buf[256];
	GetClassName(hwnd,buf,256);
	if(lstrcmp(buf,TEXT("tooltips_class32"))==0)
	{
		PostMessage(hwnd,TTM_ACTIVATE,lParam,0);
	}
	EnumChildWindows(hwnd,&KillTT_EnableTooltips,lParam);
	return TRUE;
}

void KillTT_SetState(bool kill)
{
#ifdef SHOW_TRAY_ICON
	MENUITEMINFO mii;
	mii.cbSize=sizeof(mii);
	mii.fMask=MIIM_STATE;
#endif
	KillTT_SetBlock(kill);
	if(kill)
	{
		EnumWindows(&KillTT_EnableTooltips,0);
#ifdef SHOW_TRAY_ICON
		nidIconData.hIcon=icoEnabledIcon;
		mii.fState=MFS_CHECKED|MFS_ENABLED;
#endif
	}
	else
	{
		EnumWindows(&KillTT_EnableTooltips,1);
#ifdef SHOW_TRAY_ICON
		nidIconData.hIcon=icoDisabledIcon;
		mii.fState=MFS_UNCHECKED|MFS_ENABLED;
#endif
	}
#ifdef SHOW_TRAY_ICON
	SetMenuItemInfo(mnuPopup,100,FALSE,&mii);
	Shell_NotifyIcon(NIM_MODIFY,&nidIconData);
#endif
}

#ifdef SHOW_TRAY_ICON


LRESULT CALLBACK KillTT_WndProc(HWND hwnd,UINT uMsg,WPARAM wParam,LPARAM lParam)
{
	if(uMsg==WM_USER+11)
	{
		if(lParam==WM_LBUTTONUP)
		{
			blnEnabled=!blnEnabled;
			KillTT_SetState(blnEnabled);
		}
		if(lParam==WM_RBUTTONUP ||  lParam == WM_CONTEXTMENU)
		{
			POINT popupPt;
			GetCursorPos(&popupPt);
			SetForegroundWindow(wndNotify);
			UINT item=TrackPopupMenu(mnuPopup,
				TPM_NONOTIFY|TPM_RETURNCMD|TPM_LEFTALIGN|
				TPM_BOTTOMALIGN,popupPt.x,popupPt.y,0,
				wndNotify,NULL);
			PostMessage(wndNotify,WM_NULL,0,0);
			switch(item)
			{
			case 100:
				blnEnabled=!blnEnabled;
				KillTT_SetState(blnEnabled);
				break;
			case 101:
				PostQuitMessage(0);
				break;
			default:
				break;
			}
		}
	}
	return DefWindowProc(hwnd,uMsg,wParam,lParam);
}
#endif

extern "C" BOOL WINAPI WinMainCRTStartup()
{
	KillTT_Hook();

#ifdef SHOW_TRAY_ICON
	HINSTANCE hInst=GetModuleHandle(NULL);
	icoDisabledIcon=(HICON)LoadImage(hInst,MAKEINTRESOURCE(1001),
		IMAGE_ICON,0,0,LR_DEFAULTSIZE|LR_SHARED);
	icoEnabledIcon=(HICON)LoadImage(hInst,MAKEINTRESOURCE(1000),
		IMAGE_ICON,0,0,LR_DEFAULTSIZE|LR_SHARED);
	mnuPopup=LoadMenu(hInst,MAKEINTRESOURCE(1002));

	MENUITEMINFO mii;
	mii.cbSize=sizeof(mii);
	mii.fMask=MIIM_SUBMENU;
	GetMenuItemInfo(mnuPopup,0,TRUE,&mii);
	mnuPopup=mii.hSubMenu;

	wndNotify=CreateWindow((LPCTSTR)L"EDIT",(LPCTSTR)L"ttkiller_notification_window",
		0,0,0,1,1,NULL,NULL,hInst,0);
	SetWindowLongPtr(wndNotify,GWLP_WNDPROC,(LONG_PTR)&KillTT_WndProc);

	
#endif

	KillTT_SetState(blnEnabled);

	MSG msg;
	BOOL bRet;
	
	while((bRet=GetMessage(&msg,NULL,0,0))!=0)
	{ 
		if(bRet==-1)
		{
			break;
		}
		else
		{
			TranslateMessage(&msg); 
			DispatchMessage(&msg); 
		}
	}
	KillTT_SetState(FALSE);
	KillTT_Unhook();
#ifdef SHOW_TRAY_ICON
	Shell_NotifyIcon(NIM_DELETE,&nidIconData);
#endif
	return 0;
}
Topic archived. No new replies allowed.