hi buddies,
i was working over little , new program.
I am trying to call Task Manager (in xp) thru assembly program.
does anybuddy know that?
ravi
the actual task manager program is:
taskmgr.exe
in the windows\system32 directory. i believe thats what you are looking for.
Hi ravi,
You'll need to use CoInitialize, CoCreateInstance (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/com/html/7295a55b-12c7-4ed0-a7a4-9ecee16afdec.asp), CoUninitialize, and the interfaces ITaskScheduler, ITask, ITaskTrigger, and IPersistFile. You will need mstask.lib also
Regards,
Darrel
EDIT: If you're referring to scheduled tasks, if not my bad.
.data
szTaskManager BYTE "C:\WINDOWS\SYSTEM32\taskmgr.exe",0
.code
Start:
INVOKE ShellExecute,NULL,NULL,ADDR szTaskManager,NULL,NULL,SW_SHOWDEFAULT ;shell32.dll
Hmm, but not everyone installs Windows to hd C:\ or \Windows, it can be something like
F:\WINNT\System32.
How would you apply GetSystemDirectory to this code?
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/getsystemdirectory.asp
.data?
szSystemDirectory BYTE MAX_PATH dup(?)
.code
Start:
INVOKE GetSystemDirectory,ADDR szSystemDirectory,MAX_PATH
dec eax
cmp BYTE PTR[eax],05Ch ;"\"
je AddExe
inc eax
mov BYTE PTR[eax],05Ch ;"\"
AddExe:
inc eax
mov DWORD PTR[eax],06B736174h ;"task" reverse order
mov DWORD PTR[eax+4],02E72676Dh ;"mgr." reverse order
mov DWORD PTR[eax+8],0657865h ;"exe",0 reverse order
INVOKE ShellExecute,NULL,NULL,ADDR szSystemDirectory,NULL,NULL,SW_SHOWDEFAULT
Instead of using a hardcoded C:\WINNT, use %systemroot% to get the WINNT/Windows directory.
Therefore the string would be:
szTaskManager BYTE "%systemroot%\SYSTEM32\taskmgr.exe",0
And should always give the correct directory :U
well thanx darrel,
i haven't run it but probably it was towards what i must think.
but it would be better to check whether the key is disabled or not in registry.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System (key must be set to 1 for disabling TASKMGR)
I was trying to run taskmgr thru my prog b'coz a virus like script or trojan whatever u name it entered my system and disabled Taskmgr.exe,and being the member(mostly user) of this group i don't use any ANtivirus.I tried to run it manually but it didn't work out.Even i call it frm c,but of no use.well i will check all of ur postings and post whatever happens for others to sue ( :bg use).
thanx frnds especially DARREL and BRIXTON.
I was about to submit this code earlier but u know the DIS-connectivity(i mean connectivity) of DIAL UP helps u very much .
now the FINAL code looks as:
.386
.model flat,stdcall
option casemap:none ; case sensitive
; ####################################################
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\shell32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\shell32.lib
.data
szTaskManager BYTE "%SYSTEMROOT%\SYSTEM32\taskmgr.exe",0
.code
Start:
INVOKE ShellExecute ,NULL,NULL,ADDR szTaskManager,NULL,NULL,SW_SHOWDEFAULT
invoke ExitProcess,NULL
end Start
continued from last post:----discontinued one
now the program is working properly.I have tested that
TWO essentials are :
1. include \masm32\include\shell32.inc ; necessary to use shellexecute function call b'coz prototype is given in shell32
and
2. invoke ExitProcess,NULL ; if not called windows warning message will appear "WIndows has encountered the problem with filenameucreated.exe and needs to be closed"
i hope now this query is completed with all documentation and practical example .I ,further , intend to enhance it by checking the registry key.As soon as i do that i will inform to all.
Thanx to all (again to darrel and brixton )
bye
"there is never a wrong time to do the right thing"
ravi,
One thing to consider:
using %SYSTEMROOT% will assemble a file which will run on the machine you have assembled it on and only other machines that have a %SYSTEMROOT% which is identical. For instance, your %SYSTEMROOT% on your machine is probably c:\windows , mine is d:\window , for a number of reasons. So, if you sent me your program, it would not work on my machine. You should use Darrel's suggestion to make your programs universal.
hth,
farrier
...just another dial-up user :(
within the program, its not going to replace %SYSTEMROOT% with whatever value it is, it will only be replaced at runtime.
[edit]
hmmm, sorry, apparently it isnt. but normally it would. :/
Really? It isn't?
Odd -- my bad. I suppose I am thinking along the lines of when a batch file uses the %systemroot% or %windir% references. Maybe you could create the batch file and use them, then execute the batch file :P