Hello,
Starting this thread first I'd like to praise the coders and webmasters of this site and all those who contributed to the tutorials. I am new to assembly (my second day actually) and finding these tutorials I feel I have greatly been educated quite efficiently in many aspects of assembly. I've found assembly to so far be much easier than I always precieved after reading these tutorials (which I'm still reading to advance my knowledge).

Now my question. I've started to write a little test program of my own kind of similar to a program I wrote awhile in Visual Basic but smaller and just for me to get a better drift of assembly. Everything was great, I had my win32 SDK help and getting everything I needed until I found one symbol I wanted to use wasn't usable.

RegisterService Process
Parameters
dwProcessId
Specifies the identifier of the process to register as a service process. Specifies NULL to register the current process.

dwType
Specifies whether the service is to be registered or unregistered. This parameter can be one of the following values.

Value Meaning
RSP_SIMPLE_SERVICE Registers the process as a service process.
RSP_UNREGISTER_SERVICE Unregisters the process as a service process.




This was what my code looked like:
invoke GetCurrentProcessId
invoke RegisterServiceProcess, eax, RSP_SIMPLE_SERVICE

Of course the first function worked fine
But the 2nd function I had to add this to the end of windows.inc :
RSP_SIMPLE_SERVICE equ 1
RSP_UNREGISTER_SERVICE equ 0

So I can use the variables.
And I added the symbol into kernel32.inc as well.
The problem is the symbol isn't in the kernel32.lib and it's obviously not plain text and I have not the slightest clue how to add the symbol.

My question to the community is how can I use the RegisterServiceProcess function within my application? By any means because I don't know how to add it to the library nor how to call it w/o the library.

Thank you for any responses.
I'm sorry if this might be a stupid question with an answer in front of my blind face. But I really don't know.

-SiLenCe

Posted on 2002-06-22 17:02:34 by SiLenCe
You could use a newer import library from the latest platform SDK, or use GetProcAddress..


.data
szKernelDLL db "kernel32.dll",0
szRegServProc db "RegisterServiceProcess",0

.code
invoke GetCurrentProcessId
mov ebx, eax
invoke GetModuleHandle, addr szKernelDLL
invoke GetProcAddress, eax, addr szRegServProc
invoke (TYPE RegisterServiceProcess) ptr eax, ebx, RSP_SIMPLE_SERVICE


Thomas
Posted on 2002-06-22 17:39:24 by Thomas
You can just specify NULL for the Current Process ID.
Posted on 2002-06-22 18:18:39 by Kudos
invoke (TYPE RegisterServiceProcess) ptr eax, ebx, RSP_SIMPLE_SERVICE

I get an error with this line.
It still says unknown symbol RegisterServiceProcess
And when I try it w/o the TYPE

invoke ptr eax, ebx, RSP_SIMPLE_SERVICE

It doesn't like that at all.
So I tried

call ptr eax, ebx, RSP_SIMPLE_SERVICE
but i guess that doesn't work... I don't know the correct syntax.

Also Kudos - the problem isn't getting the Process ID - I can get that no problem it's Registering my process as a Service Process with that call.

Thank you for all you're help already.

Also I'd like to apologize to the admins for my vague topic - I didn't read the 2nd sticky until afterwards when I was reading more post. Sorry... I'll refrain from being so vague if I post a topic again.

-SiLenCe



oh oh I got it - thanks for your help
And thank you Thomas for getting me on the right track.
Here's what I use and it works:

start:
;;;;;; We make this process a registered process to hide from ctrl+alt+del menu ;;;;;
invoke GetCurrentProcessId ; We Get Current Process ID
mov ebx, eax ; Store PID to EBX
invoke GetModuleHandle, addr szKernelDLL ; We must use these next lines to invoke
invoke GetProcAddress, eax, addr szRegServProc ; RegisterServiceProcess because it's not
push RSP_SIMPLE_SERVICE ; in the kernel32 library
push ebx
call eax ; invoke RegisterServiceProcess, ebx, RSP_SIMPLE_SERVICE

Thanks again!!
Posted on 2002-06-22 18:36:45 by SiLenCe