I want my program run when windows restart
I usually use regedit and then edit the string in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fill Value Name in edit string with any string
Fill Value Data in edit string with my program for example
MessageBox.exe.
How Can we do that in masm32 ? Does anybody help ?
Hi
look in the archiv.
i ask often how to read/make reg keys.
forget it to code another trojan.....there are enough outside.
or for what you need autostart functions ?
cu
i am coding MessageBox password and it must run when window restart. i have to use regedit and do it manually how through programming ?
Look in your API reference for RegOpenKey, etc.
Reg***Key(Ex)
Reg***Value
Are all registry manipulation functions.
Mirno
P.S. as its a standard app, whats going to stop me CTRL+ALT+DELing, and ending the task? Or even just ALT+TABing to another window?
Thanks for your info Mirno but by the way i am looking for the way to stop CTR+ALT+DEL or ALT+TAB but still don't found yet.
i have asked safcon but he didn't know too. in Journal Record procedure i still don't know :
.if code==HC_ACTION
mov edi, lParam
assume edi:ptr EVENTMSG
.if .message==WM_KEYDOWN
mov eax, .paramL
mov ah, 0
mov vKey, eax
.IF sign==FALSE
invoke PostMessage,hwnd,WM_MYMESSAGE,NULL,NULL
mov sign,TRUE
.ENDIF
.IF vKey==VK_TAB
;what can i do to stop this key ?????????????
.endif
.IF vKey==VK_CONTROL
;what can i do to stop this key ?????????????
.ENDIF
.IF vKey==VK_DELETE
;what can i do to stop this key ?????????????
.ENDIF
.endif
.endif
invoke CallNextHookEx, LogHook, code, wParam, lParam
ret
may be just the expert can handle that or may be i am too fool :-> i am still learning
you just have to prevent that the key is sent to windows back. don't ask me how to do that:D
hi safcon why don't you say just remove that key from keyboard and everithing is ok :->
i don't know if you are kidding
event i don't call CallNextHookEx just ret it seem the same.
hi Safcon i know what you mean ;->
you just hook again in WM_CANCELJOURNAL message to handle CTRL+ALT+DEL
what about to handle AL+TAB ?
Just a quick hint here:
If you want you prog hidden from the Ctl-Atl-Del list, there is a much better and windows friendly way to go about it:
.data
sKernel32 BYTE "Kernel32.dll",0
sRegisterServiceProcess BYTE "RegisterServiceProcess",0
.data?
hModKernel HANDLE ?
lpRSP DWORD ?
.code
invoke GetModuleHandle ,ADDR sKernel32
mov hModKernel,eax
invoke GetProcessAddress ,hModKernel,ADDR sRegisterServiceProcess
push FALSE ;FALSE is to hide, pushing TRUE shows the process
call DWORD PTR
it isnt too difficult to add a reg value.
however the easiest way to start a program when windows starts is to do it through win.ini or system.ini
these are the most common ways anyway. :)
And of course, the other way to run a program at start-up is to drop a shortcut to it in the START-UP folder. Just be advised people (like me) may move it, so do make sure it's really where you think it is.
----------------
"Bart, with $10,000, we'd be millionaires!
We could buy all kinds of useful things like ... love!"
Hi
in windows you can simply rename your tool to : explorer.exe and copy it to c:\
thats all,every winstart your tool starts without a reg entry.
cu