jbauer22
asked on
Trapping a Windows Message
I have a application that runs on a server. I would like to create an event procedure that fires when ever a Window Message tells a process (test.exe) to start. Before the Message actually tells the process to start I need my application to check certain things, then if everything is good let the Message through to start the process.
1. Is there a tool that will show me the Window Message that start an application or process? Maybe something by sysinternals?
2. How can I create an Procedure that traps the message that starts the app or process?
Thanks
1. Is there a tool that will show me the Window Message that start an application or process? Maybe something by sysinternals?
2. How can I create an Procedure that traps the message that starts the app or process?
Thanks
sorry it should be COMMAND$
Take a look on my sample http://www.freevbcode.com/ShowCode.Asp?ID=1308
>>This is a .dll that uses a number of shell functions (including some undocumented ones) to hook and log a variety of shell messages (e.g., window creation, window activation, window deactivation). Included is a sample client project that illustrates how to use the .dll to log shell events. Be sure to register the .dll before running the sample project.<<
>>This is a .dll that uses a number of shell functions (including some undocumented ones) to hook and log a variety of shell messages (e.g., window creation, window activation, window deactivation). Included is a sample client project that illustrates how to use the .dll to log shell events. Be sure to register the .dll before running the sample project.<<
The reason I recommended my way was because, we all know a window is not needed to execute code. Thats the reason I suggested my highly un-orthodox code.
-Brian
-Brian
Brian, this key is for shell open command (ie if you start app from explorer/desktop). Try your sample with command prompt/Run menu.
but doesnt the visual basic Shell() command do the same thing. The only thing that would work different would be CreateProcess() API.
-Brian
-Brian
Correct Me if I am wrong.
Acctually I retract my previous statement. Shell() Command does not at all play with the registry nor does CreateProcess(). So maybe a combination of Window Checking and Explorer shell modifying would be in order.
-Brian
-Brian
Yes, but most application (c++/other then VB based) use CreateProcess() instead of ShellExecute(.."open")
ASKER
Brian - I'd like to intercept the specific message that is starting the EXE.
Ark - It looks like the example only captures window events.
Thanks.
Ark - It looks like the example only captures window events.
Thanks.
Sory, probably I misundersood smth. What do you mean "Window Message that start an application or process"? Messages are sending to already opened windows and can not start a process.
Ark: I think what he is saying is that he wants to intercept all CreateProcess() API Calls and all ShellExecute API calls which cannot be easily done.
ASKER
Brian - Are there any tools to help me intercept the CreateProcess and ShcellExecute Calls?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Then just process the command line args.
dim cmds as string
cmds = commands$
if instr(commands$,"virus") then
msgbox "This program is not allowed to run"
else
shell(command$)
end if
modify HKEY_CLASSES_ROOT\EXEFile\
c:\interceptprogram.exe "%1" %*