Hi all,
I try to kill the process id by using invoke TerminateProcess.
Firstly I use windows's task manager to see the processid and convert it to H value
In my case it is 081c so I my code is

mov eax, 081ch
invoke TerminateProcess, eax, 0

but the killed program still alive !!!
any explanation are welcome
m
Posted on 2003-08-18 23:36:32 by nvm
The process must have PROCESS_TERMINATE access rights or you will not be allowed to terminate it using TerminateProcess. Also TerminateProcess requires a handle not a process ID.
Posted on 2003-08-18 23:49:58 by donkey
yes donkey, I try as follow
-I open caculator and find it processid and kill it
--------------------------------------------------------------------
invoke FindWindow, NULL, addr Calculator
mov hTerminateProcess, eax
.IF eax==NULL
;
.ELSE
invoke OpenProcess, PROCESS_TERMINATE, 0, hTerminateProcess
; hTerminateProcess and eax are same value ???
.IF eax==NULL
;
.ELSE
invoke TerminateProcess, hTerminateProcess, 0
invoke CloseHandle, hTerminateProcess
.ENDIF
.ENDIF
---------------------------------------------------------------------
but it still alive anything wrong with my code
Posted on 2003-08-18 23:57:29 by nvm
Uhmmm, the window handle is *not* the process handle. You can't use that to terminate the process. To obtain a process handle that you can use in your program you have to open the process using it's Process ID:

invoke OpenProcess,PROCESS_TERMINATE,FALSE,ProcessID
mov hProcess,eax
.IF eax
invoke TerminateProcess,hProcess
invoke CloseHandle,hProcess
.ENDIF
Posted on 2003-08-19 00:14:49 by donkey
thank Donkey, I confuse between processID and windows handle
Posted on 2003-08-19 01:26:29 by nvm
.586

.model flat, stdcall ;32 bit memory model
option casemap :none ;case sensitive

include windows.inc
include kernel32.inc
includelib kernel32.lib

.data
szCalc db "calc.exe",0

.data?
PrE PROCESSENTRY32<>
temp dd ?
ExitCode dd ?
handle dd ?

.code

start:
mov eax,sizeof PrE
mov PrE.dwSize,eax
invoke CreateToolhelp32Snapshot,TH32CS_SNAPPROCESS,0
mov temp,eax
invoke Process32First,eax,addr PrE
@@:
invoke lstrcmp,addr PrE.szExeFile,addr szCalc
.if eax==0
invoke OpenProcess,PROCESS_ALL_ACCESS,TRUE,PrE.th32ProcessID
mov handle,eax

invoke TerminateProcess,handle,0
invoke ExitProcess,0
.else
invoke Process32Next,temp,addr PrE
.if eax==ERROR_NO_MORE_FILES
invoke ExitProcess,0
.endif
.endif
jmp @B

end start
Posted on 2003-08-19 02:15:23 by minor28
invoke GetExitCodeProcess,eax,addr ExitCode
invoke TerminateProcess,handle,addr ExitCode

The GetExitCodeProcess will always return STILL_ACTIVE when it is called. It is used to return the value assigned to TerminateProcess. By passing STILL_ACTIVE in the exit code you can sink other applications monitoring the process into an infinite loop as they wait till the app returns other than STILL_ACTIVE. Since you already know the exit code (you have supplied it) it is a redundant call, dangerous if it is used to generate the exit code.
Posted on 2003-08-19 02:22:50 by donkey
OK donkey

Changed the code above. That's OK?

Best regards
Posted on 2003-08-19 02:27:44 by minor28
donkey: Usually a program will wait for termination of another process using event waiting functions, not with GetExitCodeProcess.
And TerminateProcess should have the exit code in the 2nd parameter, not the address of the exit code.
Posted on 2003-08-19 11:21:34 by Sephiroth3
The address of the exit code was not mine, I was just copying the code I saw. "Usually" is right, but the possibility exists and is easily avoided, the GetExitCodeProcess function when called before the process is terminated is not useful anyway. My only suggestion was to leave it out completely, the reason is a viable reason.

I posted some example code in the other thread that seems to be by the same guy on the same subject

http://www.asmcommunity.net/board/index.php?topic=14754
Posted on 2003-08-19 11:29:34 by donkey
GetWindowThreadProcessId < Check this one too... then with the ProcessID use OpenProcess to get a handle to it, and the terminate...

Bye :D
Posted on 2003-08-20 13:52:19 by sheroc