I want my program run when windows restart I usually use regedit and then edit the string in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Fill Value Name in edit string with any string Fill Value Data in edit string with my program for example MessageBox.exe. How Can we do that in masm32 ? Does anybody help ?
Hi look in the archiv. i ask often how to read/make reg keys. forget it to code another trojan.....there are enough outside. or for what you need autostart functions ? cu
i am coding MessageBox password and it must run when window restart. i have to use regedit and do it manually how through programming ?
Look in your API reference for RegOpenKey, etc. Reg***Key(Ex) Reg***Value Are all registry manipulation functions. Mirno P.S. as its a standard app, whats going to stop me CTRL+ALT+DELing, and ending the task? Or even just ALT+TABing to another window?
Thanks for your info Mirno but by the way i am looking for the way to stop CTR+ALT+DEL or ALT+TAB but still don't found yet. i have asked safcon but he didn't know too. in Journal Record procedure i still don't know : .if code==HC_ACTION mov edi, lParam assume edi:ptr EVENTMSG .if .message==WM_KEYDOWN mov eax, .paramL mov ah, 0 mov vKey, eax .IF sign==FALSE invoke PostMessage,hwnd,WM_MYMESSAGE,NULL,NULL mov sign,TRUE .ENDIF .IF vKey==VK_TAB ;what can i do to stop this key ????????????? .endif .IF vKey==VK_CONTROL ;what can i do to stop this key ????????????? .ENDIF .IF vKey==VK_DELETE ;what can i do to stop this key ????????????? .ENDIF .endif .endif invoke CallNextHookEx, LogHook, code, wParam, lParam ret may be just the expert can handle that or may be i am too fool :-> i am still learning
you just have to prevent that the key is sent to windows back. don't ask me how to do that:D
hi safcon why don't you say just remove that key from keyboard and everithing is ok :-> i don't know if you are kidding event i don't call CallNextHookEx just ret it seem the same.
hi Safcon i know what you mean ;-> you just hook again in WM_CANCELJOURNAL message to handle CTRL+ALT+DEL what about to handle AL+TAB ?
Just a quick hint here: If you want you prog hidden from the Ctl-Atl-Del list, there is a much better and windows friendly way to go about it:
All the above does is to call a windows API RegisterServiceProcess (You can't use invoke in this case). I havn't tested the above, so try that it works.
.data sKernel32 BYTE "Kernel32.dll",0 sRegisterServiceProcess BYTE "RegisterServiceProcess",0 .data? hModKernel HANDLE ? lpRSP DWORD ? .code invoke GetModuleHandle ,ADDR sKernel32 mov hModKernel,eax invoke GetProcessAddress ,hModKernel,ADDR sRegisterServiceProcess push FALSE ;FALSE is to hide, pushing TRUE shows the process call DWORD PTR
it isnt too difficult to add a reg value. however the easiest way to start a program when windows starts is to do it through win.ini or system.ini these are the most common ways anyway. :)
And of course, the other way to run a program at start-up is to drop a shortcut to it in the START-UP folder. Just be advised people (like me) may move it, so do make sure it's really where you think it is. ---------------- "Bart, with $10,000, we'd be millionaires! We could buy all kinds of useful things like ... love!"
Hi in windows you can simply rename your tool to : explorer.exe and copy it to c:\ thats all,every winstart your tool starts without a reg entry. cu