Hi, I want to prog a Taskmanager.
Some Progs are a little stubbornly, can someone help me ?
This the source, and its only possible to terminate small aplication.

terminatetemp db "explorer.exe", 0
terminate1 db "explorer.exe Smc.exe", 0

.code
INVOKE lstrcpy ADDR terminatetemp, ADDR terminate1
INVOKE terminatefw

terminatefw PROC
push edi
push eax
push ecx
INVOKE lstrcpy, EDI, ADDR terminatetemp

mov edi, eax
xor ecx, ecx
invoke lstrlen, eax
.while ecx!=eax
.if byte ptr ==" "
inc edi
mov , edi
.break
.endif
inc ecx
inc edi
.endw
cmp ecx, eax
je done
mov , sizeof uProcess
invoke CreateToolhelp32Snapshot, 2, 0
mov , eax
invoke Process32First, eax, ADDR uProcess
.while eax
xor ecx, ecx
lea edi,
mov ebx, edi
dec ebx
invoke lstrlen, edi
add edi, eax
.while edi!=ebx
invoke lstrcmpi, edi,
.if !eax
invoke OpenProcess, PROCESS_TERMINATE, 1,
invoke TerminateProcess, eax, 0
jmp done
.endif
; optimize this
dec edi
.endw
invoke Process32Next, , ADDR uProcess
.endw

done: invoke CloseHandle,
pop edi
pop eax
pop ecx
ret
terminatefw ENDP
Posted on 2003-03-04 02:09:41 by Forginforcer
"terminatefw"... did you copy this code from somewhere else, or are you out to do bad stuff?
Posted on 2003-03-04 04:57:33 by f0dder
I not realy programed this by my self !

You sure know the code example killproc.

I start a prog with the funktion Shellexecute and the program i started I want to terminate.
But, i doesnt work.

further I want to prgramm a taskmanager. But a manager which isnt able to terminate a programm is not that useful ! :grin: :grin:

Thanks for your attention ! I still need help.
Posted on 2003-03-04 07:17:15 by Forginforcer
You should check my Program. Hit www Button at this post.
invoke SendMessage,hWndtgt,WM_CLOSE,NULL
Posted on 2003-03-04 07:22:17 by realvampire
Can you copy the terminate funktion for me ?
Thanks for your attention !
Posted on 2003-03-04 07:53:42 by Forginforcer
Im already copy it.




invoke SendMessage,hWnd,WM_TERMINATE,NULL

Posted on 2003-03-04 07:57:47 by realvampire
shit, then i have to get the handle !
Its works something with findwindow...
but i will try !
Posted on 2003-03-04 07:59:33 by Forginforcer
do someone knows a rigid methode, to terminate a process ? If a prog crashed, it cant follow the close instruktion...
Posted on 2003-03-04 12:58:18 by Forginforcer
Heya..
When I did this I too went for the WM_CLOSE approach at first.
Later I realized that I would be better off spoofing user input to the real process manager, making it appear as if I had actually killed the process with the operating system's manager.
I didn't try to make it work on every version of Windows, it was a means to an end for a personal tool.
For a more "professional" method of closing applications, I seem to recall that was possible via a couple of other methods... one was a rundll invocation, the others I can't remember, only that I saw them in malicious source which I'd rather not elaborate on...
cya.
Posted on 2003-03-04 19:42:34 by Homer
forget ShellExecute, use CreateProcess. That way you get a proper process handle etc. Second, starting with WM_CLOSE or DestroyWindow is a good idea - if app hasn't closed after some timeout period, you can use TerminateProcess. But you should always give it a chance to terminate cleanly first, as TerminateProcess doesn't decrement DLL reference count...
Posted on 2003-03-05 02:09:16 by f0dder
I made a simple task manager that used terminate process, then I got silly... I managed to trim it down to 3.5k!

If you can understand it, here is the code. I did a lot of things to get the bytes down so it fits in 3.5k (even though it doesn't matter, its the principal of the thing :) ).



.386
.model flat, stdcall
option casemap:none
.nolist

include \masm32\include\no_imp\windows.inc
include \masm32\include\no_imp\kernel32.inc
include \masm32\include\no_imp\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

ListProc proto :DWORD,:DWORD,:DWORD,:DWORD

.const
CM_EXIT equ 101
CM_REFRESH equ 102
CM_ABOUT equ 103

CM_IDLE equ 1040h
CM_NORM equ 1020h
CM_HIGH equ 1080h
CM_REAL equ 1100h

CM_KILL equ 0999

.listall

.data?
hSnapshot dd ?
hList dd ?
OldWndProc dd ?
hMenu dd ?
uProcess PROCESSENTRY32 <>
myRect RECT <>
wc WNDCLASSEX <>
msg MSG <>

.code
data:
ClassName db "FEC",0
AppName db "STM v.4",0
LBClass db "LISTBOX",0
AbtTitle db "About..", 0
AbtText db "Simple Task Manager - by Mirno.", 13, 10
db "email: [email]mirno@fsmail.net[/email]", 0
MsgText db "Couldnt change settings", 0

MTitle db "File",0
M1 db "Refresh",0
M2 db "About",0
M3 db "Exit",0

P1 db "Idle",0
P2 db "Norm",0
P3 db "High",0
P4 db "Real",0
P5 db "Kill",0

start:
xor eax, eax
mov wc.cbClsExtra, eax
mov wc.cbWndExtra, eax
mov wc.lpszMenuName, eax

invoke LoadCursor, eax, IDC_ARROW
mov wc.hCursor, eax
mov wc.cbSize, SIZEOF WNDCLASSEX
mov wc.style, CS_HREDRAW or CS_VREDRAW
mov wc.lpfnWndProc, OffSet MainProc
mov wc.hbrBackground, COLOR_BTNFACE + 1
mov wc.lpszClassName, OffSet ClassName

invoke GetModuleHandle, NULL
mov wc.hInstance, eax

invoke LoadIcon, eax, 1
mov wc.hIcon, eax
mov wc.hIconSm, eax

invoke RegisterClassEx, ADDR wc

invoke CreateMenu
mov hMenu, eax
xor edx, edx

push OFFSET M3
push CM_EXIT
push edx
push eax

push edx
push edx
push MF_SEPARATOR
push eax

push OFFSET M2
push CM_ABOUT
push edx
push eax

push OFFSET M1
push CM_REFRESH
push edx
push eax
call AppendMenu
call AppendMenu
call AppendMenu
call AppendMenu

invoke CreateMenu
push eax

invoke AppendMenu, eax, MF_STRING or MF_POPUP, hMenu, ADDR MTitle

invoke CreatePopupMenu
mov hMenu, eax
xor edx, edx

push OFFSET P5
push CM_KILL
push edx
push eax

push edx
push edx
push MF_SEPARATOR
push eax

push OFFSET P4
push CM_REAL
push edx
push eax

push OFFSET P3
push CM_HIGH
push edx
push eax

push OFFSET P2
push CM_NORM
push edx
push eax

push OFFSET P1
push CM_IDLE
push edx
push eax

call AppendMenu
call AppendMenu
call AppendMenu
call AppendMenu
call AppendMenu
call AppendMenu

pop eax
invoke CreateWindowEx, NULL, ADDR ClassName, ADDR AppName, \
WS_OVERLAPPEDWINDOW or WS_CLIPCHILDREN, CW_USEDEFAULT, \
CW_USEDEFAULT, 300, 300, NULL, eax, \
wc.hInstance, NULL
push eax

invoke ShowWindow, eax, SW_SHOWNORMAL
call UpdateWindow
.WHILE TRUE
invoke GetMessage, ADDR msg,NULL,0,0
.BREAK .IF (!eax)
invoke TranslateMessage, ADDR msg
invoke DispatchMessage, ADDR msg
.ENDW

invoke ExitProcess, msg.wParam


MainProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
mov eax, uMsg
cmp eax, WM_CREATE
jne Not_CREATE
invoke CreateWindowEx, WS_EX_CLIENTEDGE,\
ADDR LBClass, NULL,\
WS_CHILD or WS_VISIBLE or WS_VSCROLL or \
LBS_HASSTRINGS or LBS_NOINTEGRALHEIGHT,\
0, 0, 0, 0,\
hWnd, NULL, wc.hInstance, NULL
mov hList, eax

invoke SetWindowLong, eax, GWL_WNDPROC, ADDR ListProc
mov OldWndProc,eax

jmp Refresh

Not_CREATE:
cmp eax, WM_COMMAND
jne Not_COMMAND
mov eax, wParam
and eax, 0FFFFh

cmp eax, CM_REFRESH
je Refresh

cmp eax, CM_EXIT
jne @F
invoke DefWindowProc, hWnd, WM_CLOSE, 0, 0
jmp Main_end
@@:
cmp eax, CM_ABOUT
jne Main_end
invoke MessageBox, hWnd, ADDR AbtText, ADDR AbtTitle, MB_OK
jmp Main_end

Not_COMMAND:
cmp eax, WM_SIZE
jne Not_SIZE
mov edx, lParam
mov eax, lParam
shr edx, 16
and eax, 0FFFFh

invoke MoveWindow, hList, 0, 0, eax, edx, TRUE
;Resize the edit box to fill the whole window
jmp Main_end

Not_SIZE:
cmp eax, WM_DESTROY
jne Not_DESTROY
invoke PostQuitMessage,NULL

Not_DESTROY:
invoke DefWindowProc,hWnd,eax,wParam,lParam

Main_end:
ret
MainProc endp

ListProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
mov eax, uMsg

cmp eax, WM_RBUTTONDOWN
jne Not_RBUTTONDOWN
invoke CallWindowProc, OldWndProc, hList, WM_LBUTTONDOWN, wParam, lParam
jmp List_end

Not_RBUTTONDOWN:
cmp eax, WM_RBUTTONUP
jne Not_RBUTTONUP
invoke CallWindowProc, OldWndProc, hList, WM_LBUTTONUP, wParam, lParam

invoke SendMessage, hList, LB_GETCURSEL, 0, 0
cmp eax, LB_ERR
je List_end
invoke SendMessage, hList, LB_GETITEMDATA, eax, 0
invoke OpenProcess, PROCESS_QUERY_INFORMATION, FALSE, eax
invoke GetPriorityClass, eax

or eax, 1000h
push eax
invoke CheckMenuItem, hMenu, eax, MF_BYCOMMAND or MF_CHECKED

invoke GetWindowRect, hList, ADDR myRect
mov eax, lParam
mov edx, lParam + 2
and eax, 0FFFFh
and edx, 0FFFFh
add eax, myRect.left
add edx, myRect.top
invoke TrackPopupMenuEx, hMenu, TPM_HORIZONTAL, \
eax, edx, hWnd, NULL

pop ecx
invoke CheckMenuItem, hMenu, ecx, MF_BYCOMMAND or MF_UNCHECKED
jmp List_end

Not_RBUTTONUP:
cmp eax, WM_COMMAND
jne Not_COMMAND
mov eax, wParam
.IF ax == CM_KILL
invoke SendMessage, hList, LB_GETCURSEL, 0, 0
invoke SendMessage, hList, LB_GETITEMDATA, eax, 0
invoke OpenProcess, PROCESS_TERMINATE, 1, eax
invoke TerminateProcess, eax, 0

invoke Sleep, 500

Refresh::
invoke SendMessage, hList, LB_RESETCONTENT, 0, 0

mov uProcess.dwSize, sizeof uProcess
invoke CreateToolhelp32Snapshot, TH32CS_SNAPPROCESS, 0
mov hSnapshot, eax
invoke Process32First, eax, ADDR uProcess

.while eax
invoke SendMessage, hList, LB_ADDSTRING, 0, ADDR uProcess.szExeFile
invoke SendMessage, hList, LB_SETITEMDATA, eax, uProcess.th32ProcessID
invoke Process32Next, hSnapshot, ADDR uProcess
.endw

invoke CloseHandle, hSnapshot

.ELSE
invoke SendMessage, hList, LB_GETCURSEL, 0, 0
invoke SendMessage, hList, LB_GETITEMDATA, eax, 0
invoke OpenProcess, PROCESS_SET_INFORMATION, FALSE, eax
mov edx, wParam
and edx, 0FFFh
invoke SetPriorityClass, eax, edx

.IF !eax
invoke MessageBox, hWnd, ADDR MsgText, NULL, MB_ICONEXCLAMATION or MB_OK
.ENDIF
.ENDIF
jmp List_end

Not_COMMAND:
invoke CallWindowProc, OldWndProc, hList, eax, wParam, lParam
ret

List_end:
xor eax,eax
ret
ListProc endp

end start


Things like pushing all the arguments in a row, so that eax is unmodified etc. just to save about 2 bytes each time! It got ridiculous, and I finally reached the lean 3.5k mark using all this, AND the no-jump table include files.

Mirno
Posted on 2003-03-05 15:20:38 by Mirno
Hi How r u?

I hope this will work with u

Get the handle for the process u want to terminate using OpenProcess API Function with access right terminate the call TerminateProcess it will work very good

to enumrate all the processess in the system call either EnumProcesses or user CreateToolhelpSNapshot in Toolhlp.h


If u need more information about these function look in the MSDN

please fill free to mail me if u want anything else
Posted on 2003-03-06 01:24:36 by Hisham
hiiiiiiiiiiiii thanks alot !

I just see, that you hav answered my questen !
I didnt get a email notification.

I will test it immediately !
Posted on 2003-03-07 08:19:51 by Forginforcer