Solved

Trapping a Windows Message

Posted on 2004-04-21
15
556 Views
Last Modified: 2008-03-06
I have a application that runs on a server.  I would like to create an event procedure that fires when ever a Window Message tells a process (test.exe) to start.  Before the Message actually tells the process to start I need my application to check certain things, then if everything is good let the Message through to start the process.

1.  Is there a tool that will show me the Window Message that start an application or process?  Maybe something by sysinternals?

2.  How can I create an Procedure that traps the message that starts the app or process?

Thanks
0
Comment
Question by:jbauer22
  • 7
  • 5
  • 2
15 Comments
 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10883291
well you can modify a registry value to intercept all running of EXE Files...this is acctually how some viruses load. It might be highly un-conventional, but it will work. The same way a TEXT file knows to open with Notepad, you can make an EXE file load with your program.

Then just process the command line args.

dim cmds as string
cmds = commands$
if instr(commands$,"virus") then
 msgbox "This program is not allowed to run"
else
 shell(command$)
end if


modify HKEY_CLASSES_ROOT\EXEFile\Shell\Open\Command to

c:\interceptprogram.exe "%1" %*
0
 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10883300
sorry it should be COMMAND$
0
 
LVL 28

Expert Comment

by:Ark
ID: 10884596
Take a look on my sample http://www.freevbcode.com/ShowCode.Asp?ID=1308
>>This is a .dll that uses a number of shell functions (including some undocumented ones) to hook and log a variety of shell messages (e.g., window creation, window activation, window deactivation). Included is a sample client project that illustrates how to use the .dll to log shell events. Be sure to register the .dll before running the sample project.<<
0
Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10884877
The reason I recommended my way was because, we all know a window is not needed to execute code. Thats the reason I suggested my highly un-orthodox code.



-Brian
0
 
LVL 28

Expert Comment

by:Ark
ID: 10884911
Brian, this key is for shell open command (ie if you start app from explorer/desktop). Try your sample with command prompt/Run menu.
0
 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10884921
but doesnt the visual basic Shell() command do the same thing. The only thing that would work different would be CreateProcess() API.


-Brian
0
 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10884922
Correct Me if I am wrong.

0
 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10884965
Acctually I retract my previous statement. Shell() Command does not at all play with the registry nor does CreateProcess(). So maybe a combination of Window Checking and Explorer shell modifying would be in order.


-Brian
0
 
LVL 28

Expert Comment

by:Ark
ID: 10884971
Yes, but most application (c++/other then VB based) use CreateProcess() instead of ShellExecute(.."open")
0
 
LVL 2

Author Comment

by:jbauer22
ID: 10894664
Brian - I'd like to intercept the specific message that is starting the EXE.

Ark - It looks like the example only captures window events.

Thanks.
0
 
LVL 28

Expert Comment

by:Ark
ID: 10895995
Sory, probably I misundersood smth. What do you mean "Window Message that start an application or process"? Messages are sending to already opened windows and can not start a process.
0
 
LVL 19

Expert Comment

by:BrianGEFF719
ID: 10896720
Ark: I think what he is saying is that he wants to intercept all CreateProcess() API Calls and all ShellExecute API calls which cannot be easily done.
0
 
LVL 2

Author Comment

by:jbauer22
ID: 10972412
Brian - Are there any tools to help me intercept the CreateProcess and ShcellExecute Calls?
0
 
LVL 28

Accepted Solution

by:
Ark earned 500 total points
ID: 10982566
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’ve seen a number of people looking for examples of how to access web services from VB6.  I’ve been using a test harness I built in VB6 (using many resources I found online) that I use for small projects to work out how to communicate with web serv…
Introduction While answering a recent question (http://www.experts-exchange.com/Q_27402310.html) in the VB classic zone, I wrote some VB code in the (Office) VBA environment, rather than fire up my older PC.  I didn't post completely correct code o…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question