Programming discussion

[Deleted member 21043]

In reply to http://malwaretips.com/threads/my-computer-defence-system.32492/

You can upgrade to a x64 based OS (Windows 7, 8... Don't "downgrade" to Vista or below). Your processor supports x64 (i3), and your RAM (physical memory) is enough for it as well. My dad has 4gb ram and he has a processor which isn't as good as yours running x64 Windows 7 Home premium. It works fine and he doesn't run out of RAM. After my netbook broke I would use his laptop and it was fine for using apps like Photoshop (well I wanted to learn it but didn't get too far), programming (C/C++ compilers, Visual Studio for .NET, etc), and so on. It will work. You can upgrade.

Running a x64 from IA-32 will benefit from double the registers (If you are familiar with the Assembly programming language than you will understand what a register is. I am very bad at explaining what a register is in Assembly, however I remember when I was learning to make a kernel in Assembly for a 16-bit OS I learnt what it is briefly and how to use them. If you check the below spoiler I will tell you best I can and tag a expert who will do a better one). With better code etc as well, more memory can be used by apps as well making performance even better overall with your apps and system. Oh and registers over stacks on parameters on app code

Spoiler

A registry is basically something where data is stored and it is in memory where it can be accessed. For example (not sure if I even remember this as I haven't used Assembly even for printing text or stacks etc for a very long time since my "kernel" but):

mov ah, 9 ; this is use of a register, it moves the valye of 9 into ax
mov dx,offset MTmessage ; this is use of a register, it moves the value of MTmessage into the register dx
int 21h ; this is a interrupt, I wont go into this

hello_message db 'Hello, world!$'

MTmessage db 'This is marks register example, some message but... hey there$'

is the start to displaying text. It basically creates what... (most familiar word for it you will know is "variable") which contains the bytes of the words/sentence. Then the value of 9 is loaded into ah for the string. Then dx loads the message MTmessage and then a interrupt occurs.


^For anyone who is more experienced than me, IF I did mix something up or say something that is/slightly incorrect, please say. Not only will it help my knowledge improve and be corrected with the right fact, but the people who read this will get a better understanding on the correct fact also! @Cowpipe

I heard that on x64 based OS the JIT (explanation below in a spoiler also for people who do not know what it stands for/does) is better (.NET apps I am thinking of here... if you ever wanted to use a .NET app like Tiranium @Dubseven or Xvirus @Dani Santos (just including you both, advertising you guys as im kind ) then they will run faster on x64 based systems (well you might not see a difference but access to registers on x64 is faster etc, as on a 32-bit OS the speed to them is limited. I'm not sure if you are strong in this area so I'll leave it at: global variables etc and space shifting?

Spoiler

JIT stands for Just-In-Time and it is the compiler engine used in .NET applications. And whilst I'm here, compiling will mean converting the code down to Machine Language for the computer/CPU to understand and process. For example the following code in C++ (managed) will delete a file on reboot:

MoveFileEx(lpFileLocation, NULL, MOVEFILE_DELAY_UNTIL_REBOOT);

Obviously, you have to declare the APIs etc (well, not obviously because you probably don't do programming nor know what half of each part does but...), that above code will be "compilled" into Machine Language (yes, the one with 0101001 etc) so it can be understood by the PC/CPU.

For anyone who does do programming and found the delete file interesting, what actually happens (hoping I'm not mixed up) is the file is actually placed into: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations in the Registry which is how the system really knows where to remove it.

^For anyone who is more experienced than me, IF I did mix something up or say something that is/slightly incorrect, please say. Not only will it help my knowledge improve and be corrected with the right fact, but the people who read this will get a better understanding on the correct fact also!

Thanks and... Sorry for the long message... Either way, reading is good for you

 

[Dubseven]

Kram7750 is right.
And in 5-10 years, all computers will be 64 bits.

 

[Cowpipe]

@kram7750 - Nice explanation, I'll just clarify a couple of things for you

In 64 bit assembly, there aren't double the number of registers, but rather each individual register can store 64 bits instead of 32 There are also some additional general purpose registers which aren't found in 32 bit such as r8, r9, r10 etc.

Your code example is actually 16 bit assembly I'll modify the comments to explain a bit more

mov ah, 9

This moves the value 9 into the AX register. We use AH rather than AX to move the value into the upper section of the register (each register is split in half into high (AH) and low bytes (AL) In this case we're setting a parameter. When we call our interrupt later in the code, it will look at the AH register to see the value. This value represents the subfunction we want to call. It's like instead of calling Import Kernel32.dll and calling a function from it. We choose the function we want to call in advance (subfunction 9, print string), and then we only name the interrupt when we have the rest of our parameters set up and are ready to call it

mov dx, offset MTmessage

Again, the print string function we will be calling from interrupt (21h) will look at the DX register for the string to print. We store the string in a separate section of our assembly code and so to access it, we just call it's offset (think of it like calling a variable by name)... And now the section of bytes (our string) stored at our MTmessage offset will be copied to the DX register

int 21h

This is where we call our interrupt, or 'function library'. We're calling a set of functions known as 21h and we've already selected subfunction 9 (print to screen) and declared our message string to display. All being well, the string will display and everybody will be happy

hello_message db 'Hello, world!$'

This is a string value that isn't used.

MTmessage db 'This is marks register example, some message but... hey there$'

This is how we define a variable or string value Notice the format. name db 'string'? DB means "Define Byte" and is used for storing a string of characters. There are other types of define too. The dollar sign at the end is just a string terminator, don't fret too much about it

Nice example kram

Edit: Oops, I'm calling these strings "variables"... they're actually constants Don't get those confused.

 

[NullPointerException]

@kram7750 - Nice explanation, I'll just clarify a couple of things for you

In 64 bit assembly, there aren't double the number of registers, but rather each individual register can store 64 bits instead of 32 There are also some additional general purpose registers which aren't found in 32 bit such as r8, r9, r10 etc.

Your code example is actually 16 bit assembly I'll modify the comments to explain a bit more

mov ah, 9

This moves the value 9 into the AX register. We use AH rather than AX to move the value into the upper section of the register (each register is split in half into high (AH) and low bytes (AL) In this case we're setting a parameter. When we call our interrupt later in the code, it will look at the AH register to see the value. This value represents the subfunction we want to call. It's like instead of calling Import Kernel32.dll and calling a function from it. We choose the function we want to call in advance (subfunction 9, print string), and then we only name the interrupt when we have the rest of our parameters set up and are ready to call it

mov dx, offset MTmessage

Again, the print string function we will be calling from interrupt (21h) will look at the DX register for the string to print. We store the string in a separate section of our assembly code and so to access it, we just call it's offset (think of it like calling a variable by name)... And now a pointer to the string "This is marks register example...." will be stored in the DX register.

int 21h

This is where we call our interrupt, or 'function library'. We're calling a set of functions known as 21h and we've already selected subfunction 9 (print to screen) and declared our message string to display. All being well, the string will display and everybody will be happy

hello_message db 'Hello, world!$'

This is a string value that isn't used.

MTmessage db 'This is marks register example, some message but... hey there$'

This is how we define a variable or string value Notice the format. name db 'string'? DB means "Define Byte" and is used for storing a string of characters. There are other types of define too. The dollar sign at the end is just a string terminator, don't fret too much about it

Nice example kram

Edit: Oops, I'm calling these strings "variables"... they're actually constants Don't get those confused.

You forgot about pointers actually. Because without them, registers won't exist.
Proud to be a null pointer.

 

[Deleted member 21043]

@Cowpipe I know it's 16-bit, I haven't done the 32-bit etc. I did 16-bit as that is what I had started learning in the past. Like I also learnt the BL register for the background color, like I said when I made that kernel, I couldn't use 32-bit etc as when I got 32-bit OS running after enabling A20 etc on boot and the global table, I could never get my C kernel linked... It just wouldn't link and it threw me errors, once it did compile however never worked right still so I gave up on it.

Thanks for the register thing, I did try to double check it but looks like that one failed
I purposefully tagged you, knowing you were more of a expert with Assembly because as far as im concerned your a Assembly wizard. Originally I was using AX register but I switched to AH xD

Thanks for correcting Everyone look at his corrections!!

 

[Cowpipe]

@NullPointerException ~ Trust you to remind me about pointers

@Cowpipe I know it's 16-bit, I haven't done the 32-bit etc. I did 16-bit as that is what I had started learning in the past. Like I also learnt the BL register for the background color, like I said when I made that kernel, I couldn't use 32-bit etc as when I got 32-bit OS running after enabling A20 etc on boot and the global table, I could never get my C kernel linked... It just wouldn't link and it threw me errors, once it did compile however never worked right still so I gave up on it.

Thanks for the register thing, I did try to double check it but looks like that one failed
I purposefully tagged you, knowing you were more of a expert with Assembly because as far as im concerned your a Assembly wizard. Originally I was using AX register but I switched to AH xD

Thanks for correcting Everyone look at his corrections!!

Don't get me wrong, I'm not complaining about you using 16-bit, it's actually my favourite flavour of assembly. I grew up with 16 bit registers and that whole architecture so I have a soft spot for it It's really good to see you know some assembly anyway, I'm impressed that you have such an understanding, too many young programmers don't know about it, and there is such a common misunderstanding that it's this scary language where you've got to manipulate binary values or write 50 lines of stack management code just to get it to print "hello world" lol. Well, ok, I mean if you're using raw I/O rather than interrupts you can write a lot of set up code just to print a string but even so, it's still not that complicated, it's just a very low level of thinking and once you get into it, it gets much easier.

 

[NullPointerException]

@NullPointerException ~ Trust you to remind me about pointers



Don't get me wrong, I'm not complaining about you using 16-bit, it's actually my favourite flavour of assembly. I grew up with 16 bit registers and that whole architecture so I have a soft spot for it It's really good to see you know some assembly anyway, I'm impressed that you have such an understanding, too many young programmers don't know about it, and there is such a common misunderstanding that it's this scary language where you've got to manipulate binary values or write 50 lines of stack management code just to get it to print "hello world" lol. Well, ok, I mean if you're using raw I/O rather than interrupts you can write a lot of set up code just to print a string but even so, it's still not that complicated, it's just a very low level of thinking and once you get into it, it gets much easier.

Lol it's so weird I am explaining you.
Pointers are references that become alive (through constructor) when we assign a value to a variable.

 

[Cowpipe]

Lol it's so weird I am explaining you.
Pointers are references that become alive (through constructor) when we assign a value to a variable.

Have corrected my explanation Of course I know all about pointers but I love your explanation, "references that become alive" sums them up perfectly

 

[Cowpipe]

This thread has became a bad case of code...

I'm sorry @dbz we've sort of hijacked your thread and drifted way off topic! Anyway, I hope you found it interesting Worth investigating that hardware compatibility though or at least downgrading from Windows Ultimate if you plan to remain on 32 bit Check the feature comparisons to find out if there is anything you'll miss first of course.

 

[Deleted member 21043]

I'm sorry @dbz we've sort of hijacked your thread and drifted way off topic! Anyway, I hope you found it interesting Worth investigating that hardware compatibility though or at least downgrading from Windows Ultimate if you plan to remain on 32 bit Check the feature comparisons to find out if there is anything you'll miss first of course.

Nah not hijacked, he's been learning and its good as you corrected me

Anyway, from your other reply to me, I think everyone hates it and doesn't want to do it because its the lowest level from machine code and the tutorials are awful, especially to people who want to learn. They want to jump in and learn but you can't do that, you have to learn the facts etc and how it all works beforehand, whereas with .NET you can just drag controls on simple as that... I like C after Assembly, a lot more than C++. What about you?

Yeah, I forgot about pointers too I do admit that I learnt that one with C because like I said, assembly tutorials I don't think are good... 16-bit I'm talking about...

 

[NullPointerException]

Nah not hijacked, he's been learning and its good as you corrected me

Anyway, from your other reply to me, I think everyone hates it and doesn't want to do it because its the lowest level from machine code and the tutorials are awful, especially to people who want to learn. They want to jump in and learn but you can't do that, you have to learn the facts etc and how it all works beforehand, whereas with .NET you can just drag controls on simple as that... I like C after Assembly, a lot more than C++. What about you?

Yeah, I forgot about pointers too I do admit that I learnt that one with C because like I said, assembly tutorials I don't think are good... 16-bit I'm talking about...

Aw c'mon, .NET I've mastered, but it gives me headache. I don't know why so many programmers like it. It's too...high-level. And it's not High-Level as in Python...it just feels I am "programming" in English.

 

[NullPointerException]

Beside Java gives you more portability, and is more beautiful.

 

[Chromatinfish 123]

I've NO IDEA what you guys are saying

They're talking about programming languages like Python, C, C++, and Java. Don't worry if confused, I am horrible, I got stuck on writing "Hello World" in Python once

My extremely sloppy Python:

print "I Am Getting Good At This"

 

[NullPointerException]

They're talking about programming languages like Python, C, C++, and Java. Don't worry if confused, I am horrible, I got stuck on writing "Hello World" in Python once

My extremely sloppy Python:

print "I Am Getting Good At This"

System.out.println("You forgot parenthesis");

 

[Deleted member 21043]

.NET is one of my favourite. Sorry, I know... But I do like it. BUT, with that being said, I also love C, C++ (not as much as C though). I also like Python, but definitely NOT for any GUI development. However, any .NET apps I make I am intending to redo in the lower level C. MBAM was originally in VB6? Then last year (or 2) it switched to C++ (QT if I am correct, Qt because I saw the DLLs so maybe they use that just for the UI). If I used Python I would use it for the actual background coding, not the appearance (UI). Then have it linked to the app with the UI to display results etc. For example I could be using python to get a list of removable devices (USB) and then have it linked so the UI in C would display the results.

 

[NullPointerException]

You consider this a machine language?

Option Explicit
Dim Count As Integer
Private Sub Form_Load()
Count = 0
Timer1.Interval = 1000 ' units of milliseconds
End Sub
Private Sub Timer1_Timer()
Count = Count + 1
Label1.Caption = Count
End Sub

I consider this English.

 

[Deleted member 21043]

System.out.println("You forgot parenthesis");

The python he wrote is the old python. I remember having to search and I found out the parenthesis change in the newer version a few years back or whenever it was

 

[NullPointerException]

Older Python should use raw_input function, but still would require parenthesis....

 

[Deleted member 21043]

You consider this a machine language?

Option Explicit
Dim Count As Integer
Private Sub Form_Load()
Count = 0
Timer1.Interval = 1000 ' units of milliseconds
End Sub
Private Sub Timer1_Timer()
Count = Count + 1
Label1.Caption = Count
End Sub

I consider this English.

I agree with your consideration, that's why loads of people seem to like it. It gets them into coding the easy way (learn about compiling, controls etc). Then you move your way down to C, C++, Assembly. I went in .NET for a year, then I jumped straight into Assembly, C and C++ and it was so fun. I have little Python exprience though, however soon that will be changed as it can be useful as can C/C++ for the control. .NET DOES have boundaries. Being someone who does develop in .NET I can honestly say the whole framework gets irritating and has problems. Serious problems lol.

 

[NullPointerException]

I agree with your consideration, that's why loads of people seem to like it. It gets them into coding the easy way (learn about compiling, controls etc). Then you move your way down to C, C++, Assembly. I went in .NET for a year, then I jumped straight into Assembly, C and C++ and it was so fun. I have little Python exprience though, however soon that will be changed as it can be useful as can C/C++ for the control. .NET DOES have boundaries. Being someone who does develop in .NET I can honestly say the whole framework gets irritating and has problems. Serious problems lol.

True. But .NET fanboys seem like they're ubiquitous. Even on Java/C forums, they post ".NET is the best programming language". Really, that costs performance. I'm an experienced programmer and I seriously cannot withstand .NET. It was my second language.