Anyone know why this is not working:



.data?
hInstance HINSTANCE ?
hProcess dd ?
hSnapshot dd ?

uProcess PROCESSENTRY32 <>


.code

start:

mov [uProcess.dwSize], sizeof uProcess
invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS, 0
mov [hSnapshot], eax
invoke Process32First, eax, addr uProcess

.while eax
    .IF uProcess.szExeFile == "WINHELP32.EXE"
        invoke MessageBox, NULL, chr$("Found Help Already Running"), chr$("Results:"), MB_OK
    .ENDIF

    invoke Process32Next, [hSnapshot], addr uProcess
.endw

invoke CloseHandle, [hSnapshot]
invoke ExitProcess, NULL
end start


What constant value is too large? And why?

Thanks.

Trope
Posted on 2004-11-17 18:08:01 by TropE
.IF uProcess.szExeFile == "WINHELP32.EXE"

The byte string "WINHELP32.EXE" is bigger than a DWORD, which is what szExeFile is. You shouldn't compare a pointer and a string like that. Even if what you were trying to do was allowed by MASM, it would always evaluate to FALSE since they are two different strings entirely (even if they have the same characters) and therefore will have different pointers.

Spara
Posted on 2004-11-17 18:28:10 by Sparafusile
So I would create a new variable, MOV szExeFile to it, and then do the compare?
Posted on 2004-11-17 20:30:33 by TropE
Use strcmp (either you code it or use the windows api)

I wonder what programming language you used before learning assembly, since most programming languages require a strcmp and are not so high-level that they accept such a statement.
Posted on 2004-11-17 22:39:05 by roticv
You are using MASM32 macros, so you may as well use the MASM32 library function "szCmp" to test if the two strings are the same. Note that it is a case-sensitive compare, but you can easily convert both strings to the same case.

This is how you would code it using the MASM32 macros,


.if FUNC(szCmp,lcase$(pstr),chr$("winhelp32.exe")) == 0 ; if no match
fn MessageBox,hWnd,"Strings did not match","Sorry ....",MB_OK
.endif


This code is messed up by the forum software formatting. chr$("winhelp32.exe")

It is worth the effort to learn what the conversions are, the "lcase$" macro converts the string address "pstr" to lower case then the szCmp procedure does the string comparison. Once you are familiar with the normal procedure techniques you can use the standard MASM32 macros or write your own if you want to.

Victor,

basic has extra capacity to do string comparisons like,

If a$ = "Hi Guys" Then
' do something
End If
Posted on 2004-11-18 07:41:36 by hutch--
Hello Hutch,

I must say I know nothing about coding with any variants of BASIC. :-D
Posted on 2004-11-18 09:31:51 by roticv
Ok, still not working - but so far you guys have helped me tremendously, as I now understand where I went wrong before.

Now... not sure where the problem is.

In this example, if winhlp32.exe is running, the code will catch it and pop up a message box. It should then end it. It doesn't.

I think I am close on this one... anyone see the bug?




.data?
hInstance HINSTANCE ?
hProcess dd ?
hSnapshot dd ?
hBuffer dd ?

uProcess PROCESSENTRY32 <>


.code

start:

mov [uProcess.dwSize], sizeof uProcess
invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS, 0
mov [hSnapshot], eax
invoke Process32First, eax, addr uProcess

.while eax
    .if FUNC(szCmp,lcase$(addr uProcess.szExeFile), chr$("winhlp32.exe")) != 0
        ; Found It
        fn MessageBox,NULL,ADDR uProcess.szExeFile,"Found It ....",MB_OK
        invoke OpenProcess, PROCESS_TERMINATE, 1, addr uProcess.th32ProcessID
        invoke TerminateProcess, addr uProcess.th32ProcessID, 0
    .ENDIF

    invoke Process32Next, [hSnapshot], addr uProcess
.endw

invoke CloseHandle, [hSnapshot]
invoke ExitProcess, NULL
Posted on 2004-11-18 20:09:23 by TropE
:-D

Victor,

wait until we convert you to on the fly variable creation.


rv& = GetTickCount

Create rv& on the fly and place the return value into it. It is of course a LOCAL but its standard BASIC to do this and it works fine.

Doesn't it make ya wanna run out and buy VB.NET ?
Posted on 2004-11-19 02:35:31 by hutch--
Code Warrior TropE:
Here is code that can't terminate a system process, ie: lsass.exe


;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.386
.model flat, stdcall
option casemap:none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
include \masm32\Macros\macros.asm
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data
pName db "winhlp32.exe",0
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.data?
pszParam dd ?
hSnapshot dd ?
uProcess PROCESSENTRY32 <>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code

start:
mov edi, OFFSET pName
mov [pszParam],edi
mov [uProcess.dwSize], sizeof uProcess ;sizeof uProcess=128h
invoke CreateToolhelp32Snapshot, 2, 0
mov [hSnapshot], eax ;eax=7e8h
invoke Process32First, eax, ADDR uProcess ; eax=1
.while eax
    xor ecx, ecx
    lea edi, [uProcess.szExeFile] ; name of the process that was found
    mov ebx, edi
    dec ebx ; ebx = one byte before the start of the name (scan stop)
    invoke lstrlen, edi
    add edi, eax ; edi = end of the name
    .while edi!=ebx ; scan backwards until the start of the name is passed
        invoke lstrcmpi, edi, [pszParam] ; compare the tail at edi with the target name
        .if !eax
            invoke OpenProcess, PROCESS_TERMINATE, 1, [uProcess.th32ProcessID]
            invoke TerminateProcess, eax, 0
            .if eax!=0
                invoke MessageBox,NULL,chr$("Killed the Process"),chr$("--- test ---"),MB_OK or MB_ICONASTERISK
                jmp qexit
            .endif
            invoke MessageBox,NULL,chr$("Can't kill the Process"),chr$("--- test ---"),MB_OK or MB_ICONSTOP

            jmp qexit
        .endif
        dec edi
    .endw
    invoke Process32Next, [hSnapshot], ADDR uProcess ;eax=1 ecx=ADDR of next process
.endw
invoke MessageBox,NULL,chr$("Nothing Process to be selected"),chr$("--- test ---"),MB_OK or MB_ICONWARNING

qexit: invoke CloseHandle, [hSnapshot]
invoke ExitProcess, eax

;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

end start
Posted on 2004-11-19 08:11:57 by dcskm4200
The code dcskm4200 posted works fine. The thing is, mine is almost identical in the way it ends the process.

I added a crude error checking messagebox. It appears the OpenProcess API is failing. And I have no clue as to why????




.data

process1 db "winhlp32.exe",0

.data?
hInstance HINSTANCE ?
hProcess dd ?
hSnapshot dd ?
hBuffer dd ?

uProcess PROCESSENTRY32 <>


.code

start:

mov [uProcess.dwSize], sizeof uProcess
invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS, 0
mov [hSnapshot], eax
invoke Process32First, eax, addr uProcess

.while eax
    .if FUNC(szCmp,lcase$(addr uProcess.szExeFile), chr$("winhlp32.exe")) != 0

        ; Found It
        invoke OpenProcess, PROCESS_TERMINATE, 1, addr [uProcess.th32ProcessID]

        .if eax == NULL
            fn MessageBox,NULL,chr$("OpenProcess failed!"),"ERROR",MB_OK
        .endif

        invoke TerminateProcess, eax, 0
    .ENDIF

    invoke Process32Next, [hSnapshot], addr uProcess
.endw

invoke CloseHandle, [hSnapshot]
invoke ExitProcess, NULL



Just doesn't want to work for some reason...

Trope
Posted on 2004-11-19 08:57:27 by TropE
Your method that find the object process isn't right.
Load your proc with SoftICE to debug.
Insert int 3 into line where you think not right.
ie:
.......
int 3
.if FUNC(szCmp,lcase$(addr uProcess.szExeFile), chr$("winhlp32.exe")) != 0

; Found It
invoke OpenProcess, PROCESS_TERMINATE, 1, addr
........
You will find what's happening.
:shock:

attention:
Code Warrior TropE:
On the another hand, I'll awake to you:
Please don't ask so questions. In the win32asm community, there are many cool coders in the world. Include the Microsoft corp. system kmd's coder. That's all, here's coders are the best coder in 5000 million humans.
If you ask so questions, they'll bemock.
Posted on 2004-11-19 09:22:01 by dcskm4200
I don't have SoftICE. Hopefully I can figure this out by trial and error though. It appears I am not doing something right with the OpenProcess.

Am I corrupting EAX somehow?
Posted on 2004-11-19 09:52:25 by TropE
OpenProcess needs the Process ID not the address of the Process ID. From MSDN:
HANDLE OpenProcess(
    DWORD dwDesiredAccess,
    BOOL bInheritHandle,
    DWORD dwProcessId
);
Posted on 2004-11-19 12:29:21 by Greg
Ohhhhhhhhhhhhhhhhhh man.... got it!

invoke OpenProcess, PROCESS_TERMINATE, 1, uProcess.th32ProcessID

seems to work fine. Thanks!
Posted on 2004-11-19 12:41:01 by TropE
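The two fixes reached in this thread (compare string contents rather than pointers, and pass the process ID to OpenProcess by value), put together as an added example that is not code from any poster. It assumes the MASM32 SDK is installed in \masm32 and that szExeFile holds the bare file name; the labels szTarget, szTitle and szOpenErr are made up for the illustration. It also keeps the handle OpenProcess returns, skips TerminateProcess when that handle is NULL, requests a non-inheritable handle, and closes it afterwards.

```asm
; Added example, not from the thread. Assumes the MASM32 SDK in \masm32.
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

.data
szTarget  db "winhlp32.exe",0          ; process name used in the thread
szTitle   db "Results:",0              ; hypothetical label
szOpenErr db "OpenProcess failed",0    ; hypothetical label

.data?
hSnapshot dd ?
hProcess  dd ?
uProcess  PROCESSENTRY32 <>

.code
start:
    mov uProcess.dwSize, sizeof PROCESSENTRY32
    invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS, 0
    .if eax == INVALID_HANDLE_VALUE
        invoke ExitProcess, 1
    .endif
    mov hSnapshot, eax
    invoke Process32First, hSnapshot, addr uProcess
    .while eax
        ; Compare the string contents, ignoring case; 0 means equal.
        invoke lstrcmpi, addr uProcess.szExeFile, addr szTarget
        .if eax == 0
            ; PID is passed by value; FALSE makes the handle non-inheritable.
            invoke OpenProcess, PROCESS_TERMINATE, FALSE, uProcess.th32ProcessID
            .if eax == NULL
                invoke MessageBox, NULL, addr szOpenErr, addr szTitle, MB_OK
            .else
                mov hProcess, eax      ; keep the handle for both calls below
                invoke TerminateProcess, hProcess, 0
                invoke CloseHandle, hProcess
            .endif
        .endif
        invoke Process32Next, hSnapshot, addr uProcess
    .endw
    invoke CloseHandle, hSnapshot
    invoke ExitProcess, 0
end start
```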
attention:
Code Warrior TropE:
On the another hand, I'll awake to you:
Please don't ask so questions. In the win32asm community, there are many cool coders in the world. Include the Microsoft corp. system kmd's coder. That's all, here's coders are the best coder in 5000 million humans.
If you ask so questions, they'll bemock.


Forum description (highlight added):
Main
Post any win32Asm related question here that doesn't fit in any of the other forums. Newbies welcome. :)


I've always gotten the impression that this is a fairly friendly board. I have seen many expert coders here helping with even the most trivial of problems, and have rarely to never seen anyone belittled for asking a "dumb question". If there are any experts here who find answering little questions a waste of their time they at least are sensible enough to just ignore those questions. Let's not wreck the reputation of this board as being newbie-friendly.
Posted on 2004-11-19 15:48:22 by sirchess
dcskm4200, can you put that in English for me or what? What are you trying to say? Don't ask so many questions? Let me fill you in on something: before I post or ask any questions I sit here at my computer with QEditor open and try every possible thing I can think of to make my code work, and that's after searching Google and this board for related topics that may help me.

I did not ask for your help personally, but I do appreciate it nonetheless.

Next time you see a question from me, please feel free not to answer, as I do not want to "be mocked".

Regards,
Trope
Posted on 2004-11-19 16:14:21 by TropE